RE: [WS_FTP Forum] Connection timeout error when making SSL connection

[Troy D. Hilton]

Title: Connection timeout error when making SSL connection

I just spoke with my client and had them try to FTP in without the SSL cert. It’s working just peachy! So, I think my problem is a permissions problem with the tcp ports related to SSL connectivity. I’ll investigate Casey’s suggestion, unless someone else has a better answer. Claudio?   Troy D. Hilton Serveon, Inc. [EMAIL PROTECTED] 302-529-8640 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Terry LeBlanc Sent: Friday, February 03, 2006 11:48 AM To: WSFTP_Forum@list.ipswitch.com Cc: William Davis; Bil Davis (HOME) Subject: RE: [WS_FTP Forum] Connection timeout error when making SSL connection   I'm having a similar problem.  Can't connect using WS_FTP client to WS_FTP Server running on my web server.  Times out...every time...  I'm beyond frustrated...   Good thing I have FileZilla, which is free, and works so I can manipulate files to and from the server securely.  I need to get WS_FTP Server working so that I can use it.  FileZilla was supposed to be my "backup" tool for secure FTP, not my primary.   Terry J. LeBlanc Nailite International   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Troy D. Hilton Sent: Friday, February 03, 2006 10:11 AM To: WSFTP_Forum@list.ipswitch.com Subject: [WS_FTP Forum] Connection timeout error when making SSL connection Hello All, I realize my last email wasn’t quite clear in accurately describing my problem. Let’s see if I can explain it better. This firewall is protecting 1 server, which is running FTP with SSL enabled. This server also has a couple test websites, but that's it. Changing the firewall was actually relatively easy once I understood the User Interface. I'm not as familiar with the SonicWall appliances. I first tried the configuration using a test laptop to mimic the server. For the test, FTP worked like a charm. The difference between the laptop config and production server are these: 1. The production server and regional firewall were configured in transparent mode, instead of NAT. Why? The original owner wanted it that way. 2. The production server is running WS_FTP Server ver. 4.0 with a private SSL Cert. The laptop is running IIS 5 with FTP services and no SSL. So, I decided to change the configuration from transparent mode to NAT mode since the original owner is gone and I have greater liberty. I configured the new firewall for One-to-One NAT and gave the server all new private IP addresses and a private gateway which matched the private IP of the firewall. The public side of the firewall has the original public IP from the previous firewall. I made sure that all of my route tables are correct. I then reconfigured WS_FTP Server to use the new private IP address. And rebooted the server. The result? I am able to communicate from the server to the internet and can access the test websites on the server from the internet, which means inbound and permitted outbound traffic is fine. This is where I have my problem. When I attempt an FTP connection it makes the initial Helo and will authenticate my username and password. I'm then prompted regarding the SSL Certificate and am able to accept it. After a long pause (I have my WS_FTP Pro client set for a 2 minute wait) I get an error that the connection timed out, but I also get the "horn" that means the connection was successful. In fact I even have the active button to disconnect from the session. >From what I figure, I'm actually logged in but not retrieving the directory listing. As for the NIC, it has two ports but I'm not using both ports at the same time so there is no conflict of subnets and routes. I did switch ports on the card thinking that perhaps there was a potential failure of that port. I hope this helps to clarify my situation. I My feeling is that's something simple that's not set or that I'm overlooking. Darned if I know what it is though.   Troy D. Hilton Serveon, Inc. [EMAIL PROTECTED] 302-529-8640