FTP Question

OK I know this question doesn't belong here but there are a lot more
knowledgeable people on this forum and since most of us use FTP to transfer
our ASP files and we are concerned about security I am hoping someone has
done this before.

I want to change my FTP port number. It works internally but not through the
firewall. Let's say I want to use port 1089. I have tried opening port 1088
as well.

Using IE to connect in active mode I get error 500 Invalid Port Command.
In passive mode I get error 426 Connection closed.
In both cases it says make sure you have permissions to access that folder
but obviously I do internally AND it works through the firewall on port 21.

I am using a Netgear firewall router.

Thanks,
Steve

Re: FTP Question

"SteveT" wrote in message
news:%2328$WurUHHA.4872@TK2MSFTNGP03.phx.gbl...
> OK I know this question doesn't belong here but there are a lot more
> knowledgeable people on this forum and since most of us use FTP to
transfer
> our ASP files and we are concerned about security I am hoping someone has
> done this before.
>
> I want to change my FTP port number. It works internally but not through
the
> firewall. Let's say I want to use port 1089. I have tried opening port
1088
> as well.
>
> Using IE to connect in active mode I get error 500 Invalid Port Command.
> In passive mode I get error 426 Connection closed.
> In both cases it says make sure you have permissions to access that folder
> but obviously I do internally AND it works through the firewall on port
21.
>
> I am using a Netgear firewall router.
>

Active mode it just a non-starter when a firewall is involved (unless you
have a pretty clever router)

What did you mean by 'opening port'?

Typically you will need to configure your router to forward connections to
port 1088 to the Web server.
Just specifying that connection to port 1088 isn't going to be enough unless
your Web server is the default 'DMZ server' that gets all other unspecified
connections.

Re: FTP Question

> What did you mean by 'opening port'?

Forward I guess. To setup the router to allow connections to come through
that port.

> Typically you will need to configure your router to forward connections to
> port 1088 to the Web server.

I specifically set the port to the IP address of my server and the same port
is specified for ftp on that server.


> Just specifying that connection to port 1088 isn't going to be enough
unless
> your Web server is the default 'DMZ server' that gets all other
unspecified
> connections.
It is currently not setup as the DMZ server. If it works for the normal ftp
port 21, or web 80, or it even works if I specify a different web port, why
would it not handle this? By the way, I do get to the logon point but that's
it

Re: FTP Question

Not sure if this is the cause of your issue, but it could be a firewall or
proxy interfering with your connection on a non-standard port. Might the
remote system that you're testing FROM have a firewall or proxy rule
disallowing a TCP connection on any non-standard port? Some businesses have
extremely strict policies.

"SteveT" wrote in message
news:u92XSvvUHHA.5068@TK2MSFTNGP03.phx.gbl...
>> What did you mean by 'opening port'?
>
> Forward I guess. To setup the router to allow connections to come through
> that port.
>
>> Typically you will need to configure your router to forward connections
>> to
>> port 1088 to the Web server.
>
> I specifically set the port to the IP address of my server and the same
> port
> is specified for ftp on that server.
>
>
>> Just specifying that connection to port 1088 isn't going to be enough
> unless
>> your Web server is the default 'DMZ server' that gets all other
> unspecified
>> connections.
> It is currently not setup as the DMZ server. If it works for the normal
> ftp
> port 21, or web 80, or it even works if I specify a different web port,
> why
> would it not handle this? By the way, I do get to the logon point but
> that's
> it
>
>