2

Hey there I wonder if anyone can get me in the right direction. I am setting up both a FTPS Client and Server, FTPS Server using Microsoft’s iis FTP 7.5. On the client side it will be running on Linux and I am using M2crypto for the openssl wrapping (python). I am worried the problem is on the server side (iis7.5) due to the following discovery :

If I host using Filezilla with BOTH the control and data channel being forced to be encrypted it works 100% (100% file transmission), if i use iis as the server everything works up to the point when the data channel takes over... i.e. all data of the retrieved file is already received correctly in my basket! The ftp server just won't send the final '226 Transfer complete.' on the cmd socket. Why? If i force the client or server to close the connection the file is 100% intact....If i use iis 7.5 with forced encryption on control channel all works 100% as long as i don’t force data channel...

Here are some screenshots to demo this... Client View after Kill Client :

pics @ http://forums.iis.net/p/1172936/1960994.aspx#1960994

Summary : We can establish the connection, do directory listings, start the upload, see the file (0bytes) created on the server but then the client hangs. If we terminate the client, the uploaded file on the server suddenly jumps up to full size.

user59050
  • 121
  • 2

1 Answers1

0

You will start by taking Network Trace and see at what stage it's blocking. It's always better to get a clear picture. I would also like to see the FTP logfile.

Vivek Kumbhar
  • 3,073
  • 1
  • 18
  • 13
  • Log Before Force Client script to close : http://b.imagehost.org/0760/before_close_client.jpg – user59050 Nov 04 '10 at 05:53
  • after force : http://d.imagehost.org/0133/after_force_close.jpg – user59050 Nov 04 '10 at 05:56
  • Another flawless transfer using cerberus as FTP server : http://b.imagehost.org/1000/cerberus.jpg – user59050 Nov 04 '10 at 06:27
  • can you go through http://www.dotnetscraps.com/dotnetscraps/category/FTPS.aspx and verify if the configuration is good. – Vivek Kumbhar Nov 04 '10 at 06:32
  • I would also like to check if FTPS configuration is good by accessing the same from a Windows PC. – Vivek Kumbhar Nov 04 '10 at 06:32
  • thanks for all the help! really helpful! ok so u have a valid point! so setup FTP client and works 100% using fz client (windows) to iis... lol now more confused... will go through that link now thanks.. must i let u know my settings for iis? – user59050 Nov 04 '10 at 07:09
  • Ok looks like i never created the certificate properly... dam! cant seem to access https://server1/certsrv though using ur guide thanks again mate – user59050 Nov 04 '10 at 07:22
  • saying this as i used the "self signed" option.. is that wrong? used guide on iis page. – user59050 Nov 04 '10 at 07:35
  • self-signed cert is not bad but the main purpose is to check if the settings are good and if the client server communication is good.. i will like to remove linux system complexity out of the picture.. – Vivek Kumbhar Nov 04 '10 at 08:15
  • ok so windows to windows works perfectly (FZ client - iis).. both channels encrypted using self signed cert... So you rate it could be client side? server setup : basic+anon auth enabled, read write allowed for all(for now), SSL - require ssl + self signed cert it created. start users in FTP root Dir (so minimal isolation for now), port 21 physical folder permission to "everyone" (also for now) so everything seems correct... – user59050 Nov 04 '10 at 08:37
  • good.. thats really good.. now i would like to look at the Network Trace from the client and server.. either there would be some blockage or reset happening.. and trace will give you a better picture.. you can use WireShark for Windows i am not sure what can be used on Linux for tracing. – Vivek Kumbhar Nov 04 '10 at 10:16
  • made a duplicate post at http://forums.iis.net/p/1172936/1960994.aspx#1960994 a while back with all that info there. Sorry coulnt post here im limited to like one url per post or something... thanks soo much for helping! really appreciate it! – user59050 Nov 04 '10 at 11:48
  • No one know anything about this? – user59050 Nov 08 '10 at 06:05
  • What I understand is FTPS is configured good now the question is why it's failing when accessed from a Linux box. If you have taken Network Trace from the web server, check for any RST and that would give you some clue. I would also check for any driver updates on both the server and client. – Vivek Kumbhar Nov 08 '10 at 06:10