Determining FTP2 Connection Settings
There are many FTP2 component properties that affect how data connections are established between the FTP client (Chilkat FTP2) and the FTP server. Finding a workable combination of property settings for a given client/server situation can be difficult. This blog post can hopefully provide some guidance.
Before beginning, it is crucial to understand one basic thing about the FTP protocol: The control connection (typically port 21 or 990) is used for sending commands and getting responses. File uploads/downloads and directory listings are NOT transferred over the control channel. A separate data connection is established for each transfer. One side is responsible for choosing a port number and accepting the data connection, the other side initiates the connection. The direction of the data connection establishment is controlled by the Passive property setting. Passive=true uses passive mode. If Passive=false, then “Active” mode (also known as “port” mode) is used.
Active Mode: The FTP client chooses a port number and sends a “PORT” command to the FTP server. The FTP client then listens at the chosen port and the FTP server issues a connect request to establish the connection. The data connection is outgoing from the FTP server, and incoming to the FTP client.
Passive Mode:The FTP client sends a PASV command to the FTP server. The FTP server chooses a port number and sends it in the PASV response. The FTP server then listens at that port for the incoming connect request from the FTP client. The data connection is incoming to the FTP server, and outgoing from the FTP client.
The data connection establishment can be blocked at either side (client or server) by many things: firewalls, TCP/IP port filtering, anti-virus, NAT routers causing problems, etc.
If a file upload or download fails with the dreaded “WSAEWOULDBLOCK” message in the LastErrorText, it means that something blocked the data connection.
The first thing to try in resolving the problem is to reverse the value of the Passive property. If that doesn’t work, try calling the DetermineSettings method to try a collection of approximately 15 different combinations of property settings. Examples for DetermineSettings can be found at example-code.com.
The DetermineSettings method does not try all combinations of property settings. It cannot because there are too many potential combinations.
The FTP2 property settings involved in the data connection establishment are:
- ActivePortRangeEnd
- ActivePortRangeStart
- AuthSsl
- AuthTls
- ForcePortIpAddress
- Passive
- PassiveUseHostAddr
- Ssl
- UseEpsv
If you are able to transfer files using other FTP client software, such as FileZilla, then you should examine the settings of that program and duplicate them w/ Chilkat FTP2. If you are unsure, you can narrow down the possible combinations by setting the known values. For example, if you know that FileZilla is working in Passive mode, then you may set the Passive property = true. This reduces the number of possible combinations by 50%. Here are some guidelines for duplicating the settings of another FTP client, such as FileZilla:
- You should certainly know whether the mode being used is Passive or Active (non-passive), so set the FTP2’s passive property appropriately.
- If Active mode is used, check to see if your FTP client is using a port range. If so, then set the ActivePortRangeStart and ActivePortRangeEnd properties to the same values. If not, leave these properties unset.
- If implicit SSL is used (typically port 990) then set the Ssl property = true. (Implicit SSL and explicit SSL are mutually exclusive. if Ssl = true, then both AuthSsl and AuthTls should = false)
- If explicit SSL is used (AUTH TLS or AUTH SSL) then set either AuthTls = true or AuthSsl = true. Usually it doesn’t matter which because both commands are technically the same. Some servers require the “AUTH SSL” command whereas others require “AUTH TLS”. Most servers don’t care and accept either.
- If Passive mode is used, test with both PassiveUseHostAddr on and off. Also test with both UseEpsv on and off. The ForcePortIpAddress only applies to Active mode, so it can be ignored.
- If Active mode is used, test with ForcePortIpAddress both on and off. The PassiveUseHostAddr and UseEpsv properties don’t apply when in Active mode.
Still cannot get it to work? Programs such as anti-virus may have exceptions for some applications. It could be that these apps were marked as “trusted” at some earlier time whereas your custom application is not trusted by the anti-virus program.
Cannot get anything to work including all FTP clients such as FileZilla, WS FTP, Internet Explorer, etc.? It probably means that so many barriers exist on both client and server sides (firewalls, port filtering, anti-virus, NAT routers…) that something must be “opened up” in some way to allow FTP to work.