| Author |
Message |
Brad Pears
Guest
|
 Posted:
Tue Jan 18, 2005 4:42 am Post subject:
Problems with FTP... User getting 421 error... |
|
|
We have a user who is attempting to log onto our FTP site. He can get to the
point where he is being asked for a username and password. He is definately
entering the correct username/password and in the FTP log, it even backs
this up.
However, the connection is being closed after the time out period and there
is an error 421 being reported. The time out is set to 900 seconds (15
minutes).
Obviously he is able to connect to us on port 21 as he is being able to
authenticate - but unable to get any further. This rules out firewall
issues on either end I would think... This user is in England - we are in
Canada - shouldn't pose any issues.
No one else is having this problem and other users are using the exact same
username/password as this user is. Has anyone seen this type of thing
before??
The log file is showing the connection closing after the time out of 900
seconds (15 minutes) has expired. However, the user is reporting that his
screen errors out long before the 15 minutes is up... after only a few
minutes.
Has anyone had this problem before?
Here is a snippet of the log file...
2005-01-17 20:54:47 80.2.249.101 [25]USER tnlhdom/ftpdealer 331 0 -
2005-01-17 20:54:47 80.2.249.101 [25]PASS - 230 0 -
2005-01-17 21:10:09 80.2.249.101 [25]closed - 421 919172 -
2005-01-17 21:10:39 80.2.249.101 [24]closed - 421 952719 -
Thanks,
Brad |
|
| Back to top |
|
 |
Jim Behning
Guest
|
| Posted:
Tue Jan 18, 2005 5:14 am Post subject:
Re: Problems with FTP... User getting 421 error... |
|
|
I had some issues recently with ftp. Please note that anything I state
is not to be taken as gospel or anything near good security policies.
The administrator could make a ftp connection and see the share. The
remote user could not. The tech mentioned that the ftp user needed to
have log on locally rights. He did mention that this is a security
risk and you need to be strict on a good password policy. I have not
gone back to revisit this comment to understand what it means. Log on
locally should mean a lot to you. I think this was a local policy or
else it was a local domain policy. A google search of log on locally
ftp brought up a bunch of articles.
http://support.microsoft.com/?kbid=239120
"Brad Pears" <donotreply@notreal.com> wrote:
| Quote: | We have a user who is attempting to log onto our FTP site. He can get to the
point where he is being asked for a username and password. He is definately
entering the correct username/password and in the FTP log, it even backs
this up.
However, the connection is being closed after the time out period and there
is an error 421 being reported. The time out is set to 900 seconds (15
minutes).
Obviously he is able to connect to us on port 21 as he is being able to
authenticate - but unable to get any further. This rules out firewall
issues on either end I would think... This user is in England - we are in
Canada - shouldn't pose any issues.
No one else is having this problem and other users are using the exact same
username/password as this user is. Has anyone seen this type of thing
before??
The log file is showing the connection closing after the time out of 900
seconds (15 minutes) has expired. However, the user is reporting that his
screen errors out long before the 15 minutes is up... after only a few
minutes.
Has anyone had this problem before?
Here is a snippet of the log file...
2005-01-17 20:54:47 80.2.249.101 [25]USER tnlhdom/ftpdealer 331 0 -
2005-01-17 20:54:47 80.2.249.101 [25]PASS - 230 0 -
2005-01-17 21:10:09 80.2.249.101 [25]closed - 421 919172 -
2005-01-17 21:10:39 80.2.249.101 [24]closed - 421 952719 -
Thanks,
Brad
|
Jim B. SBS Community Member
remove the mvp to send email |
|
| Back to top |
|
|
Brad Pears
Guest
|
| Posted:
Tue Jan 18, 2005 10:04 pm Post subject:
Re: Problems with FTP... User getting 421 error... |
|
|
Thanks for the info. This user is actually attempting to log on using the
same username/password combination as many other FTP users that are having
no problems at all getting on to our site. Found out something interesting
though... This user is trying to connect from England using a broadband
connection. As a test, I suggested he try another computer. He tried an
older machine using a dial-up account instead and was able to connect!!!
However the speed is so slow he wants me to get his broadband working. I'm
wondering if it's something in the way that the broadband provider is
routing the IP.
Our firewall indicates an "allowed" incoming connection from his IP so it is
making it's way here, Mayeb the problem is in the routing of the data going
back the other way...
Not sure what to do next...
Brad
"Jim Behning" <jimbehningmvp@atl.mindspring.com> wrote in message
news:hdhou0p6t8f8hm9tbjcpt0npe2mb09vqr6@4ax.com...
| Quote: | I had some issues recently with ftp. Please note that anything I state
is not to be taken as gospel or anything near good security policies.
The administrator could make a ftp connection and see the share. The
remote user could not. The tech mentioned that the ftp user needed to
have log on locally rights. He did mention that this is a security
risk and you need to be strict on a good password policy. I have not
gone back to revisit this comment to understand what it means. Log on
locally should mean a lot to you. I think this was a local policy or
else it was a local domain policy. A google search of log on locally
ftp brought up a bunch of articles.
http://support.microsoft.com/?kbid=239120
"Brad Pears" <donotreply@notreal.com> wrote:
We have a user who is attempting to log onto our FTP site. He can get to
the
point where he is being asked for a username and password. He is
definately
entering the correct username/password and in the FTP log, it even backs
this up.
However, the connection is being closed after the time out period and
there
is an error 421 being reported. The time out is set to 900 seconds (15
minutes).
Obviously he is able to connect to us on port 21 as he is being able to
authenticate - but unable to get any further. This rules out firewall
issues on either end I would think... This user is in England - we are in
Canada - shouldn't pose any issues.
No one else is having this problem and other users are using the exact
same
username/password as this user is. Has anyone seen this type of thing
before??
The log file is showing the connection closing after the time out of 900
seconds (15 minutes) has expired. However, the user is reporting that his
screen errors out long before the 15 minutes is up... after only a few
minutes.
Has anyone had this problem before?
Here is a snippet of the log file...
2005-01-17 20:54:47 80.2.249.101 [25]USER tnlhdom/ftpdealer 331 0 -
2005-01-17 20:54:47 80.2.249.101 [25]PASS - 230 0 -
2005-01-17 21:10:09 80.2.249.101 [25]closed - 421 919172 -
2005-01-17 21:10:39 80.2.249.101 [24]closed - 421 952719 -
Thanks,
Brad
Jim B. SBS Community Member
remove the mvp to send email |
|
|
| Back to top |
|
|
Jim Behning
Guest
|
| Posted:
Wed Jan 19, 2005 12:24 am Post subject:
Re: Problems with FTP... User getting 421 error... |
|
|
My home isp will not let me smtp to anythning but their servers. This
makes it real hard to telnet to servers to make sure they are working.
I had one home user account that had a satellite internet. She had to
upgrade because her version would not allow vpn.
"Brad Pears" <donotreply@notreal.com> wrote:
| Quote: | Thanks for the info. This user is actually attempting to log on using the
same username/password combination as many other FTP users that are having
no problems at all getting on to our site. Found out something interesting
though... This user is trying to connect from England using a broadband
connection. As a test, I suggested he try another computer. He tried an
older machine using a dial-up account instead and was able to connect!!!
However the speed is so slow he wants me to get his broadband working. I'm
wondering if it's something in the way that the broadband provider is
routing the IP.
Our firewall indicates an "allowed" incoming connection from his IP so it is
making it's way here, Mayeb the problem is in the routing of the data going
back the other way...
Not sure what to do next...
Brad
"Jim Behning" <jimbehningmvp@atl.mindspring.com> wrote in message
news:hdhou0p6t8f8hm9tbjcpt0npe2mb09vqr6@4ax.com...
I had some issues recently with ftp. Please note that anything I state
is not to be taken as gospel or anything near good security policies.
The administrator could make a ftp connection and see the share. The
remote user could not. The tech mentioned that the ftp user needed to
have log on locally rights. He did mention that this is a security
risk and you need to be strict on a good password policy. I have not
gone back to revisit this comment to understand what it means. Log on
locally should mean a lot to you. I think this was a local policy or
else it was a local domain policy. A google search of log on locally
ftp brought up a bunch of articles.
http://support.microsoft.com/?kbid=239120
"Brad Pears" <donotreply@notreal.com> wrote:
We have a user who is attempting to log onto our FTP site. He can get to
the
point where he is being asked for a username and password. He is
definately
entering the correct username/password and in the FTP log, it even backs
this up.
However, the connection is being closed after the time out period and
there
is an error 421 being reported. The time out is set to 900 seconds (15
minutes).
Obviously he is able to connect to us on port 21 as he is being able to
authenticate - but unable to get any further. This rules out firewall
issues on either end I would think... This user is in England - we are in
Canada - shouldn't pose any issues.
No one else is having this problem and other users are using the exact
same
username/password as this user is. Has anyone seen this type of thing
before??
The log file is showing the connection closing after the time out of 900
seconds (15 minutes) has expired. However, the user is reporting that his
screen errors out long before the 15 minutes is up... after only a few
minutes.
Has anyone had this problem before?
Here is a snippet of the log file...
2005-01-17 20:54:47 80.2.249.101 [25]USER tnlhdom/ftpdealer 331 0 -
2005-01-17 20:54:47 80.2.249.101 [25]PASS - 230 0 -
2005-01-17 21:10:09 80.2.249.101 [25]closed - 421 919172 -
2005-01-17 21:10:39 80.2.249.101 [24]closed - 421 952719 -
Thanks,
Brad
Jim B. SBS Community Member
remove the mvp to send email
|
Jim B. SBS Community Member
remove the mvp to send email |
|
| Back to top |
|
|
Brad Pears
Guest
|
| Posted:
Wed Jan 19, 2005 3:23 am Post subject:
Re: Problems with FTP... User getting 421 error... |
|
|
I suspect this is what is happening in my case. Everyone else can get in to
our FTP site no problem but this person (using the same username/password).
So this would leave me to believe that it is either a packet filtering or
reverse routing issue...
Brad
"Jim Behning" <jimbehningmvp@atl.mindspring.com> wrote in message
news:i0lqu0lbsua1qo2l6b2g8fcar8bf2d9pbt@4ax.com...
| Quote: | My home isp will not let me smtp to anythning but their servers. This
makes it real hard to telnet to servers to make sure they are working.
I had one home user account that had a satellite internet. She had to
upgrade because her version would not allow vpn.
"Brad Pears" <donotreply@notreal.com> wrote:
Thanks for the info. This user is actually attempting to log on using the
same username/password combination as many other FTP users that are
having
no problems at all getting on to our site. Found out something
interesting
though... This user is trying to connect from England using a broadband
connection. As a test, I suggested he try another computer. He tried an
older machine using a dial-up account instead and was able to connect!!!
However the speed is so slow he wants me to get his broadband working.
I'm
wondering if it's something in the way that the broadband provider is
routing the IP.
Our firewall indicates an "allowed" incoming connection from his IP so it
is
making it's way here, Mayeb the problem is in the routing of the data
going
back the other way...
Not sure what to do next...
Brad
"Jim Behning" <jimbehningmvp@atl.mindspring.com> wrote in message
news:hdhou0p6t8f8hm9tbjcpt0npe2mb09vqr6@4ax.com...
I had some issues recently with ftp. Please note that anything I state
is not to be taken as gospel or anything near good security policies.
The administrator could make a ftp connection and see the share. The
remote user could not. The tech mentioned that the ftp user needed to
have log on locally rights. He did mention that this is a security
risk and you need to be strict on a good password policy. I have not
gone back to revisit this comment to understand what it means. Log on
locally should mean a lot to you. I think this was a local policy or
else it was a local domain policy. A google search of log on locally
ftp brought up a bunch of articles.
http://support.microsoft.com/?kbid=239120
"Brad Pears" <donotreply@notreal.com> wrote:
We have a user who is attempting to log onto our FTP site. He can get
to
the
point where he is being asked for a username and password. He is
definately
entering the correct username/password and in the FTP log, it even
backs
this up.
However, the connection is being closed after the time out period and
there
is an error 421 being reported. The time out is set to 900 seconds (15
minutes).
Obviously he is able to connect to us on port 21 as he is being able
to
authenticate - but unable to get any further. This rules out firewall
issues on either end I would think... This user is in England - we are
in
Canada - shouldn't pose any issues.
No one else is having this problem and other users are using the exact
same
username/password as this user is. Has anyone seen this type of thing
before??
The log file is showing the connection closing after the time out of
900
seconds (15 minutes) has expired. However, the user is reporting that
his
screen errors out long before the 15 minutes is up... after only a few
minutes.
Has anyone had this problem before?
Here is a snippet of the log file...
2005-01-17 20:54:47 80.2.249.101 [25]USER tnlhdom/ftpdealer 331 0 -
2005-01-17 20:54:47 80.2.249.101 [25]PASS - 230 0 -
2005-01-17 21:10:09 80.2.249.101 [25]closed - 421 919172 -
2005-01-17 21:10:39 80.2.249.101 [24]closed - 421 952719 -
Thanks,
Brad
Jim B. SBS Community Member
remove the mvp to send email
Jim B. SBS Community Member
remove the mvp to send email |
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in