1

We've recently upgraded our Azure server to the package A5 (2 cores, 14gb RAM).

In order to do this, we turned it off, configured the new settings through Azure Portal and ,after the update, turned it back on.

Before the update, we could access the server using Filezilla with Transfer Mode in 'Default' but NOW, it only let us connect by selecting the 'Active' Mode...

After the update, we didn´t change Firewall/Server/FileZilla or any kind of settings.

Our connection settings in FileZilla are the following:

Filezilla General Settings

Log we get when trying to access in 'Passive' mode:

Status: Resolving address of posnike.cloudapp.net
Status: Connecting to 191.232.182.114:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/" is current directory.
Command:    TYPE I
Response:   200 Type set to I.
Command:    PASV
Response:   227 Entering Passive Mode (23,97,97,140,39,69).
Command:    LIST
Response:   150 Opening BINARY mode data connection.
Error:  Connection timed out after 20 seconds of inactivity
Error:  Failed to retrieve directory listing
Status: Disconnected from server
Status: Resolving address of posnike.cloudapp.net
Status: Connecting to 191.232.182.114:21...
Status: Connection established, waiting for welcome message...
Status: Insecure server, it does not support FTP over TLS.
Status: Logged in
Status: Retrieving directory listing...
Command:    PWD
Response:   257 "/" is current directory.
Command:    TYPE I
Response:   200 Type set to I.
Command:    PASV
Response:   227 Entering Passive Mode (23,97,97,140,39,70).
Command:    LIST
Response:   150 Opening BINARY mode data connection.
Error:  Connection timed out after 20 seconds of inactivity
Error:  Failed to retrieve directory listing

We can access to the server without trouble with another FTP program developed by a client (which doesn´t let us choose the Transfer Mode and we don´t know the default mode it uses) and also by command line.

Side note: in my Azure FTP settings there is an Alert at the right which says that "to accept passive connections when you are using FTP over SSL (FTPS), or when your Firewall does not filter packets, configure the external IPv4 address of your firewall."

Improve this question

1 Answer 1

Reset to default
2

Hasn't the server IP address changed?

The FTP server reports 23.97.97.140 in the PASV response. While you are connecting to 191.232.182.114.

Status: Connecting to 191.232.182.114:21...
...
Command:    PASV
Response:   227 Entering Passive Mode (23,97,97,140,39,70).

If the IP address has changed, you have to reconfigure the FTP server to the new IP address. You actually have to do it, even if it has not changed, as the server is clearly misconfigured.

Other things that could have happened during the upgrade (with decreasing order of probability - subjective).

  • FTP data connection ports in server firewall were closed.

  • FTP data connection port range changed in the FTP server. So the existing firewall rules or NAT rules no longer match.

  • Previously the internal firewall automatically opened FTP data connection ports by inspecting FTP control connection traffic. The possibly upgraded firewall does not do that anymore.

You basically have to check that everything that you would normally set up in network to allow passive FTP mode for new FTP server, is still in place (link to my article on the topic).

As you seem to be using IIS FTP server, see also my specific guide to setting up IIS FTP server with all the steps for allowing the passive mode.

Improve this answer
1
  • It was that simple Martin, we reconfigured the external IP of the FTP site as you said, restarted IIS and it worked! Thanks!!
    – Gosik
    Commented Apr 26, 2017 at 20:42

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .