VMware Cloud Community
tom11011
Contributor
Contributor
‎07-17-2007 09:53 AM

Problem FTP'ing out from ESX server

Hello all-

I'm having an issue with FTP'ing out of my esx server to a remote ftp server running on linux. The connection is created but there is an issue with active/passive that will not allow data to pass. Here is an exerpt from the communication:

\[root@dtvmware1 root]# ftp 10.1.1.5

Connected to 10.1.1.5 (10.1.1.5).

220 10.1.1.5 FTP server ready

Name (10.1.1.5:root): tom

331 Password required for tom.

Password:

230 Anonymous access granted, restrictions apply.

Remote system type is UNIX.

Using binary mode to transfer files.

ftp> put install.log

local: install.log remote: install.log

227 Entering Passive Mode (10,1,1,5,238,33).

ftp: connect: Connection refused

and that's as far as I can get. I tried changing to active but my session freezes.

Any help appreciated.

0 Kudos
8 Replies
grasshopper
Virtuoso
Virtuoso
‎07-17-2007 10:31 AM

I'm guessing you already opened port 21 on your ESX firewall, but the passive connection is opened on some random port that is blocked.

To determine if it's the ESX firewall (or for an easy fix) you can run the following 3 commands:

esxcfg-firewall --allowIncoming

esxcfg-firewall --allowOutgoing

/etc/init.d/firewall restart

Keep in mind that this completely turns off the firewall. For more information type 'man esxcfg-firewall'.

0 Kudos
BUGCHK
Commander
Commander
‎07-17-2007 10:33 AM

It is a very strange thing and I have seen this on automated installations as well:

\- sometimes it is enough to enable FTPClient in the firewall and outgoing FTP works great.

\- on other tries with the very same procedure it fails!

The only workaround I could come up with was:

esxcfg-firewall -e ftpClient

esxcfg-firewall --allowOutgoing

0 Kudos
tom11011
Contributor
Contributor
‎07-17-2007 11:30 AM

How do I undo that command after trying?

thanks.

0 Kudos
acmcnick
Enthusiast
Enthusiast
‎07-17-2007 02:54 PM

esxcfg-firewall -d ftpClient or

esxcfg-firewall -c 21,tcp,out

esxcfg-firewall -l (Re-load Firewall Config)

0 Kudos
PeteLong
Contributor
Contributor
‎06-24-2009 01:26 AM

Hi Guys

Just to be sure

# esxcfg-firewall -e ftpClient

# esxcfg-firewall --allowOutgoing

Lets me FTP Out - but haw do I re-enable the firewall back to its original settings when Im finished?:D

0 Kudos
Penic_Albin
Hot Shot
Hot Shot
‎06-24-2009 02:06 AM

use those commands:

/usr/sbin/esxcfg-firewall --BlockIncoming

/usr/sbin/esxcfg-firewall --BlockOutgoing

AP

If you find this information useful, please award points for "correct" or "helpful".
0 Kudos
PeteLong
Contributor
Contributor
‎06-24-2009 03:14 AM

ThanQ - Your help is much appreciated Smiley Happy

0 Kudos
Penic_Albin
Hot Shot
Hot Shot
‎06-24-2009 03:32 AM

If you find this information useful, please award points for "correct" or "helpful".

If you find this information useful, please award points for "correct" or "helpful".
0 Kudos