× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Thanks, Scott.

Yes, I get that... I just don't get why the DOS FTP works on my V7R3
system locally, but over VPN it doesn't always work.

I know I found some firewall issue before that was the problem... but I
checked and windows firewall is off.

ls, get, put all don't work when it's an issue.

I guess thats what happens when you get called back to a client after
years.. you forget how you made things work. :) At least I can transfer
between my IBM i and theirs. I like FTP if only because it's easier for
MGET and MPUTs than a GUI interface, and especially when I'm downloading
single files with large unique file names/paths. Copy and paste. :)

On Fri, Aug 9, 2019 at 3:57 PM Scott Klement <midrange-l@xxxxxxxxxxxxxxxx>
wrote:

Hi Brad,

Each time you transfer a file or directory listing, FTP picks from a
list of available tcp port numbers ("ephemeral ports" it calls them) and
sends information about which port it is using. The other side of the
connection attempts to connect to the system on that port. This
connection is separate from the one in which the login and the various
commands are sent.

The difference between passive and active FTP is which side listens on
the port, and which side connects to the port. In active ("regular")
FTP, the FTP client actually opens and listens to this ephemeral port,
and sends the info about the port number to the server. The server
actually opens a connection to the client on that port. That should
sound weird to you, because if you think about it, it means the FTP
server is acting as a client for that connection. This causes a lot of
problems with NAT gateways and firewalls that are designed to allow
connections to be made in just one direction.

In passive mode, the server listens on a port, and the client connects
to it to transfer the file. (Same as active, its still an ephemeral
port, its just in the opposite direction.) This typically works better
with firewalls and NAT gateways because all connections are made from
the client to the server, which is what they expect. However, it can
still be problematic because of the fact that it uses a range of
ephemeral ports -- and since the port number isn't always the same, some
connections might work, and some might fail, depending on the firewall
software.

I suspect there are two differences with FileZilla that might explain
why its different:

1) Older FTP clients (those that don't support "enhanced FTP") also send
the IP address in addition to the port number. This REALLY causes havoc
with NAT, since NAT changes the IP addresses in packets, so the NAT
gateway would need to be monitoring for FTP connections and would have
to rewrite part of the FTP session on the fly for it to work. Enhanced
FTP eliminates this, but i dont' know if the DOS command supports
enhanced FTP (probably not)

2) FileZilla may use passive mode, which the DOS FTP client doesn't
support. It might also use a different ephemeral port range (not sure
about that, though).

Ok, so that's a lot of information, and its really technical stuff.
(But since you wrote GETURI, I figured it'd make some sense to you,
since you've done some TCP programming.) But, maybe it helps you
understand the possibilities, and then you can narrow them down and try
to fix them.

Or, like Jack has been saying, you can stop using FTP. The sftp and
scp tools from OpenSSH are not only much more secure, but they do
everything on a single TCP connection (sort of the way HTTP does) so
there's no issue with the port number problems that regular FTP has.

Good Luck!

On 8/9/2019 9:02 AM, B Stone wrote:
With DOS FTP, sign on. Works great. When I do a GET or PUT it just
hangs
and never does anything.

I can use Filezilla and it works just fine, so I don't think it's any
sort
of virus protection (all I run is Windows Security).


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.