I'm also working on this. When the client issues AUTH TLS, the server must understand and reply 234 "Explanatory text". There are no native Microsoft Windows Servers that understand AUTH TLS. I have downloaded and tested around 16 3rd party Windows FTP Servers. Most worked with z/OS as client. I'm writing my summary today. Turning on DEBUG in the z/OS client can be useful. Search IBMLINK with the error message, there's a useful II entry. The FileZilla Client at sourceforge works from windows to z/OS. The FileZilla Server responds incorrectly with 334 not 234. I'm trying to get their attention and ask them to fix this.
-----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Joel Ivey Sent: Friday, June 17, 2005 11:49 AM To: IBM-MAIN@BAMA.UA.EDU Subject: ftps secure ftp auth tls I've browsed thru the much discussion on secure ftp lately, picked up some good tips, but have not come across this particular problem. Any help will be appreciated. (Sorry if this gets confusing. Internal means behind the network firewall. External means outside. IP addresses are just examples.) Attempts to go from internal zos ftps client to internal zos ftps server (10.16.x.x to 10.16.33.x) is successful. Attempts to go from internal zos ftps client to external ftps server fails. (10.16.x.x to 64.x.x.x). We get message, 500 Syntax error, command unrecognized: "AUTH TLS". See the cut-n-paste below. Attempts to go from external win2k ftps client to internal zos ftps server fails with the same message. (204.x.x.x to 167.x.x.x NATed to 10.16.33.x) Attempts to go from external win2k ftps client to external ftps server is successful. (204.x.x.x to 64.x.x.x). I suspect a firewall issue and am trying to work with the network folks on confirming this. I've already got the zos firewall configured to allow traffic through. Turning server DEBUG options on would need to be done on the external ftps server, of which I have no control. Anybody run into this problem when setting up ftps on zos? 220-FTPC1 IBM FTP CS V1R4 at x.x.x.x, 17:26:43 on 2005-06-17 220 Connection will close if idle for more than 5 minutes. EZA1701I >>> AUTH TLS 500 Syntax error, command unrecognized: "AUTH TLS" EZA2897I Authentication negotiation failed Thanks, Joel ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
