Ports 990 and 989

Unanswered Question
Mar 20th, 2009
User Badges:

I just have a general question here,I have a server that initiates a connection out to the internet to do a FTPS on port 990 I see the initail connection on port 990 happening but I don't see the data port 989 is the problem on the distant end or is it on my end the near end? I was thinking it has to be the distant end beause I am logged into their box and authenticated and I do see 990 open but the data port 989 I never see.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Yudong Wu Sat, 03/21/2009 - 12:58
User Badges:
  • Gold, 750 points or more

1. In your client side, can you verify if it is operating in passive mode? If not, configure your FTP client in "passive mode" and try again.

2. Make FTPS server is in "Implicit" mode so that it will listen to port 989.

3. There might be a firewall between client and server to block port 989. You can have a client connect to server directly to see if it works fine. HTH.

wgranada1 Sun, 03/22/2009 - 07:33
User Badges:

Distant end says that we need to use Active/Port mode


Have to check if we are using implicit


Firewall has been open for port 990 and data 989


But thank for the info I will double check

wgranada1 Mon, 03/23/2009 - 07:59
User Badges:

Hi ok at least we are moving in the right direction. I can now connect to port 990 but the data port 989 isn't working. Unable to transfer files or do a simple directory. Both ports are open on the firewall and I do see on port 990 the hitcount go up but not on port 989

Yudong Wu Mon, 03/23/2009 - 08:31
User Badges:
  • Gold, 750 points or more

On your FTPS client, can you try Active and Pasive mode to see which one works?

I suggest you to do a sniffer on client side to see what happens?

wgranada1 Mon, 03/23/2009 - 08:36
User Badges:

sorry I've should of put that down, yes we tried both passive and active and implicit/explict and none work. Going to try to enable ports 1024 and higher instead of port 989 and see what happens

wgranada1 Mon, 03/23/2009 - 09:46
User Badges:

We have resolved the issue, this is what we did to fix the FTPS issue.


Problem:


When using FTPS to connect on ports 990 and 989 we can make the initial connection to port 990 but the data port 989 doesn't work. Symptoms are we cannot do a file transfer or do a simple directory lookup.


Solution:


Instead of opening up the data port 989 what was done to fix it was use a random port of anything higher than 1024. In this case we used port 22333 and changed on the server to listen to port 22333 instead of 989. When we attempted to connect, port 990 worked as usual and then data port 22333 work and we where able to transfer files.


So in short what worked for me for FTPS was using the normal port of


990


and using data port higher than 1024

Yudong Wu Mon, 03/23/2009 - 09:59
User Badges:
  • Gold, 750 points or more

Thanks for posting the result.

Not sure why it did not work on standard port. It should be related to who will initiate the traffic in data-channel.



wgranada1 Mon, 03/23/2009 - 13:02
User Badges:

Yeah I know I thought it was a silly idea as it didn't make much sense. Everything I read said to use port 990 and 989. Not sure why that didn't work or what I was doing wrong but this seemed to work and we are ftps with out issues now. Thank you for your help on this...much appreciated!!!!!

Actions

This Discussion