Cannot connect to my own FTP server

[Cyber Akuma]

My laptop runs Windows 7.

I am trying to setup a FTP server on my laptop so other systems in my LAN can access it.

I used GuildFTPd

The FTP server is up and running, I can connect to it just fine locally from the laptop.

However, I cannot connect to it from any other system on my LAN.

I can't even ping my laptop, even though my laptop can ping my other systems.

Any ideas what I can try to fix this?

[Astra.Xtreme]

You might have to open a port in your router via port forwarding.

I use port 44000 for my FTP and it works. :)

[huddy]

And don't forget to check the firewall settings on you laptop. The ports might be closed for FTP.

[hjf288]

You sure Windows firewall isnt blocking it if you havent turned it off?

[Cyber Akuma]

  Escalade_GT said:

You might have to open a port in your router via port forwarding.

I use port 44000 for my FTP and it works. :)

I set the FTP to port 50000 and forwarded ports 50000 though 51000 by it's static ip on my router.

  hjf288 said:

You sure Windows firewall isnt blocking it if you havent turned it off?

Windows firewall actually asked me what to do when it saw it try to connect, I told it to give the program full access.

[Admiral Michael]

This is for local access or over the internet? If it's local then port forwarding on the router isn't needed. Just have everyone use your computer's local IP.

Some routers block NAT redirecting which means you may not be able to access your own FTP server via your Internet IP, going out then back in essentially.

[hjf288]

Try enabling NAT Loopback on your router if its available.

[Cyber Akuma]

It would be nice if I can get internet access too, but right now im just trying to do local.

[+BudMan MVC]

So lets repeat the question are you trying to access the ftp server using its LOCAL ip, say 192.168.1.100 from machine 192.168.1.101 or are you trying to access it by name? ftpservermachine or some outside FQDN say ftp.yourdomain.tld or its public IP address?

As stated making loopback connections quite often does not work (depends on the router supporting this feature or not).. IE coming from machine on your local network trying to go to a public IP or public FQDN and then your router sending it right back (loopback).

If your using the local name that resolves to a local IP, or the local ip from another local machine and its not working you need to verify that any local software firewalls or antivirus software allows for this - quite often antivirus can block access to ftp.

I rarely see a point to running software firewalls on machines behind a nat router - more often then not just causes the users issues. I would suggest you at least for testing disable any and all software firewalls/antivirus/security software on both machines your wanting to test with - both the server and the client. If it then works - you know that is config issue with this software.

You need to verify that the ftp server software is listening on your machines local IP address, you say you can connect from the machine itself - are you just connecting to its 127.0.0.1 address or the name localhost? You say you can not ping this machine from another machine on your network - this could point to a firewall issue or maybe a double nat setup.

Are all machines connected to the same router? Or do you have another router in the network? Also is the machine wired or wireless to your network? Are the other machines wired or wireless? Quite often a wireless router can block wireless machines from talking to other wireless machines (called ap or client isolation as an example)

[Cyber Akuma]

  BudMan said:

So lets repeat the question are you trying to access the ftp server using its LOCAL ip, say 192.168.1.100 from machine 192.168.1.101 or are you trying to access it by name? ftpservermachine or some outside FQDN say ftp.yourdomain.tld or its public IP address?

Local IP

  BudMan said:

As stated making loopback connections quite often does not work (depends on the router supporting this feature or not).. IE coming from machine on your local network trying to go to a public IP or public FQDN and then your router sending it right back (loopback).

... I don't understand.

  BudMan said:

If your using the local name that resolves to a local IP, or the local ip from another local machine and its not working you need to verify that any local software firewalls or antivirus software allows for this - quite often antivirus can block access to ftp.

My antivirus app (Avira AntiVir) has no network managment abilities as far as I know, and I tried disabling both software firewalls on the laptop (COMODO firewall and Windows fireall) but it still woulden't work.

  BudMan said:

I rarely see a point to running software firewalls on machines behind a nat router - more often then not just causes the users issues. I would suggest you at least for testing disable any and all software firewalls/antivirus/security software on both machines your wanting to test with - both the server and the client. If it then works - you know that is config issue with this software.

As I said, I tried that, didn't help.

Also, I use them because I like to know specifically what programs are trying to access the internet and what incoming connections I am getting, as well as the abuilty to block specific ones while letting others through.

  BudMan said:

You need to verify that the ftp server software is listening on your machines local IP address, you say you can connect from the machine itself - are you just connecting to its 127.0.0.1 address or the name localhost? You say you can not ping this machine from another machine on your network - this could point to a firewall issue or maybe a double nat setup.

I was connecting to itself by typing in it's LAN IP.

  BudMan said:

Are all machines connected to the same router? Or do you have another router in the network? Also is the machine wired or wireless to your network? Are the other machines wired or wireless? Quite often a wireless router can block wireless machines from talking to other wireless machines (called ap or client isolation as an example)

They are all behind the same router.

The laptop with the server is wireless, I was trying wired and wireless systems when attempting to connect to it.

Other wired and wireless systems can talk to my desktop just fine.

I used to be able to communicate with my laptop when running Windows Vista, but Windows 7 seems to be much harder.

[+BudMan MVC]

When you have the firewall(s) disabled -- you should NEVER be running more than 1 btw on the same machine.

Can you ping the ftp server machine from the other machine? If you can not even ping it then you have a firewall issue, or a nat issue -- ie something blocking traffic. You say you can access window file shares off the ftp machine from other machines on your network?

Also lets be clear -- are you not even able to connect, or not able to login?

From your client machine on your network - from a command prompt doing ftp to the IP address of the ftp box -- what do you get?

c:\>ftp 10.56.102.68

Connected to 10.56.102.68.

220-GuildFTPd FTP Server © 1997-2002

220-Version 0.999.14

220 Please enter your name:

User (10.56.102.68:(none)):

Do you get this -- or some other error?

[Cyber Akuma]

  BudMan said:

When you have the firewall(s) disabled -- you should NEVER be running more than 1 btw on the same machine.

Can you ping the ftp server machine from the other machine? If you can not even ping it then you have a firewall issue, or a nat issue -- ie something blocking traffic. You say you can access window file shares off the ftp machine from other machines on your network?

Also lets be clear -- are you not even able to connect, or not able to login?

From your client machine on your network - from a command prompt doing ftp to the IP address of the ftp box -- what do you get?

c:\>ftp 10.56.102.68

Connected to 10.56.102.68.

220-GuildFTPd FTP Server ? 1997-2002

220-Version 0.999.14

220 Please enter your name:

User (10.56.102.68:(none)):

Do you get this -- or some other error?

Even with firewalls disabled I cannot ping it.

I can't even connect to the FTP, it times out attempting to connect to the FTP, no response at all.

[anarkhy]

  Cyber Akuma said:

Even with firewalls disabled I cannot ping it.

I can't even connect to the FTP, it times out attempting to connect to the FTP, no response at all.

I have the same problem, cant setup a ftp on my notebook trough wireless, only if i use the lan cable it works.

[+BudMan MVC]

"cant setup a ftp on my notebook trough wireless"

As I said before its quite common for wireless routers as a security feature to block access between wireless clients, and or its possible to block wireless clients from talking to the wired clients or vice versa, etc.

The different makers call it different things, AP or Client isolation, WLAN partition

example from the DWL-7100AP

--

WLAN Partition

Wireless Band

Select the Wireless Band to configure.

Internal Station Connection

When this is enabled there is no barrier between communication among wireless stations connecting to the Access Point. If this is disabled, wireless stations of the selected band (802.11a 0r 802.11g) are not allowed to exchange data through the Access Point. The default value is set to "Enabled".

* Ethernet to WLAN Access

When this is enabled there is no barrier between the data flow from the Ethernet to wireless devices connected to the Access Point. If this is disabled, all data from the Ethernet to associated wireless devices is blocked. Wireless devices can still send data to the Ethernet. The default value is set to "Enabled".

* Connection Between 802.11a & 802.11g

When this is enabled, devices on the 802.11a network are able to exchange data with devices on the 802.11g network through the Access Point. If this is disabled, a partition is created between the networks within the Access Point. That is, data from any associated device on the 802.11a cannot send data to or receive data from another device on the 802.11g network through the Access Point.

--

If you can not even PING the box -- then yeah is highly unlikely FTP is going to work! ;) You need to understand what is blocking your ability to even ping.. Question when you ping the box by its ip -- does it's mac address show up in your arp table? From your test box, ping the IP - after it finishes and times out, look at your arp cache.

arp -a

Does it list mac for your ftp machines IP address? Is it the Correct MAC? You can view the mac of an interface by using the ipconfig /all command.

I would suggest you test with putting your boxes with a wire to the same router.. If you can not ping then you have a firewall/security software issue. Fix this -- understanding the software your using is the first battle :)

Its amazing how much more trouble software firewalls cause users issues vs any type of protection.. Your on a Private lan -- you have no use for a software firewall unless there are boxes on your network that have to be treated as hostile.. As to controlling applications access to the network -- this has no real legit use and has been gone over in other thread.. Use it if you want -- but you have to freaking understand how to configure your firewall.

I will fire up windows 7 when I get home and run this guildftp server on it -- it should take about 15 seconds to get it working.

[Cyber Akuma]

  BudMan said:

If you can not even PING the box -- then yeah is highly unlikely FTP is going to work! ;) You need to understand what is blocking your ability to even ping.. Question when you ping the box by its ip -- does it's mac address show up in your arp table? From your test box, ping the IP - after it finishes and times out, look at your arp cache.

arp -a

Does it list mac for your ftp machines IP address? Is it the Correct MAC? You can view the mac of an interface by using the ipconfig /all command.

Am I supposed to do this from the laptop (which has the ftp server running) or from another computer to the laptop?

  BudMan said:

I would suggest you test with putting your boxes with a wire to the same router.. If you can not ping then you have a firewall/security software issue. Fix this -- understanding the software your using is the first battle :)

My laptop can ping the other systems, but my other systems cannot ping the laptop.

I can even ping other wired and wirless devices from both my desktop or laptop like my Cellphone, Playstation 3, or Nintendo Wii.

  BudMan said:

Its amazing how much more trouble software firewalls cause users issues vs any type of protection.. Your on a Private lan -- you have no use for a software firewall unless there are boxes on your network that have to be treated as hostile.. As to controlling applications access to the network -- this has no real legit use and has been gone over in other thread.. Use it if you want -- but you have to freaking understand how to configure your firewall.

I will fire up windows 7 when I get home and run this guildftp server on it -- it should take about 15 seconds to get it working.

Its mostly for knowing which apps try to access my network or internet and allowing or denying them on a per-app basis.

Also an extra layer of protection.

[+BudMan MVC]

How would checking if the mac is correct make sense if you were trying to ping the box running ftp from that same box?

Not what part of "From your test box" was not clear?

Again if you can not ping your box running the ftp from another machine --- why do you think you should be able to ftp to it? Your problem points to Firewall problem.

As to "extra layer of protection" -- pointless, and again seems to be causing you more grief than any "extra" anything -- unless you like extra grief ;)

[Cyber Akuma]

  BudMan said:

How would checking if the mac is correct make sense if you were trying to ping the box running ftp from that same box?

Not what part of "From your test box" was not clear?

You don't have to insult me, I missed that part when I was reading it.

And no, it's mac address didn't show u[ in my arp table.

Connecting it by wire didn't change anything either.

  BudMan said:

Again if you can not ping your box running the ftp from another machine --- why do you think you should be able to ftp to it? Your problem points to Firewall problem.

As to "extra layer of protection" -- pointless, and again seems to be causing you more grief than any "extra" anything -- unless you like extra grief ;)

I already said I tried disabling ALL firewalls on the system, but I still could not ping it.

[+BudMan MVC]

So you got all zeros for the mac? Or the wrong mac? Or just nothing listed for that IP? After trying to ping the IP address of the box running ftp from the test box. Also when you try to ping do you get timeout, or destination host not reachable?

Even when your wired to the same router?

Ping your test box from the ftp box, then look at the arp table on the test box -- do you see the mac now? Can you ping it now?

If not try setting a static arp on the test box pointing to the ftp box.

your never going to be able to communicate to it if you can not even arp for its mac, the firewall does not normally block arp -- but I will have to double check the windows 7 firewall.. But it would be rare that it does not arp.

You SURE these machines are on the same network. not some nat device or bridge device between them, no voip device, etc?

edit: Ok I just booted my windows 7 machine, I then set the firewall to block ALL inbound connections on both private and public and then pinged it from another machine. As can see the ping was blocked. But it got the mac

--

C:\Documents and Settings\Administrator>arp -a

Interface: 192.168.1.4 --- 0x10005

Internet Address Physical Address Type

192.168.1.253 00-50-04-d8-e8-be dynamic

C:\Documents and Settings\Administrator>ping 192.168.1.172

Pinging 192.168.1.172 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.1.172:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Documents and Settings\Administrator>arp -a

Interface: 192.168.1.4 --- 0x10005

Internet Address Physical Address Type

192.168.1.172 00-21-9b-03-ac-a7 dynamic

192.168.1.253 00-50-04-d8-e8-be dynamic

--

I show the arp cache before the ping to show that the machine did not now the windows 7 machines mac.

If your not able to arp for the machines mac then you got something more than the windows 7 firewall causing you issues -- do you have some 3rd party firewall installed? Again do you have devices in between you and the test machine, etc.

If you can not arp for its mac, then no your never going to be able to communicate with it, you can try setting a static arp -- but you have something wrong if you can not normally arp for its mac.

Edited March 31, 2009 by BudMan

[Cyber Akuma]

  BudMan said:

So you got all zeros for the mac? Or the wrong mac? Or just nothing listed for that IP? After trying to ping the IP address of the box running ftp from the test box. Also when you try to ping do you get timeout, or destination host not reachable?

The FTP server is running on my laptop, I tried pinging my laptop with it's lan IP, basically I pinged itself, it worked fine.

The laptop's LAN ip was not listed in the arp table.

  BudMan said:

Even when your wired to the same router?

  BudMan said:

Ping your test box from the ftp box, then look at the arp table on the test box -- do you see the mac now? Can you ping it now?

You mean ping my laptop with my desktop?

It just times out.

However, the laptop's lan IP and Mac address DID appear in my desktop's ARP table.

  BudMan said:

If not try setting a static arp on the test box pointing to the ftp box.

I don't understand, what do you mean by a static arp?

They all have static IPs if that is what you are referring to.

  BudMan said:

your never going to be able to communicate to it if you can not even arp for its mac, the firewall does not normally block arp -- but I will have to double check the windows 7 firewall.. But it would be rare that it does not arp.

You SURE these machines are on the same network. not some nat device or bridge device between them, no voip device, etc?

Every networked system in my house, ethernet or wifi, connects directly to the same one router.

  BudMan said:

edit: Ok I just booted my windows 7 machine, I then set the firewall to block ALL inbound connections on both private and public and then pinged it from another machine. As can see the ping was blocked. But it got the mac

--

C:\Documents and Settings\Administrator>arp -a

Interface: 192.168.1.4 --- 0x10005

Internet Address Physical Address Type

192.168.1.253 00-50-04-d8-e8-be dynamic

C:\Documents and Settings\Administrator>ping 192.168.1.172

Pinging 192.168.1.172 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.1.172:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Documents and Settings\Administrator>arp -a

Interface: 192.168.1.4 --- 0x10005

Internet Address Physical Address Type

192.168.1.172 00-21-9b-03-ac-a7 dynamic

192.168.1.253 00-50-04-d8-e8-be dynamic

--

I show the arp cache before the ping to show that the machine did not now the windows 7 machines mac.

If your not able to arp for the machines mac then you got something more than the windows 7 firewall causing you issues -- do you have some 3rd party firewall installed? Again do you have devices in between you and the test machine, etc.

If you can not arp for its mac, then no your never going to be able to communicate with it, you can try setting a static arp -- but you have something wrong if you can not normally arp for its mac.

Hmm.... this is odd, NOW the 3rd party firewall has made it clear that this is what was causing it.

I again tried disabling all firewalls and pinging it, but unlike last time it actually went through.

So I one by one enabled them and finally when just my 3rd party firewall was running it was blocked.

Considering this is the first thing I checked, multiple times, when I couldn't ping my laptop I have no idea why NOW its finally shown itself.

... what is even weirder, is that I had this SAME firewall and ftp server app installed on this system when I was running Vista on it, and it actually worked perfectly then.

Anyway, I just checked, my favorite firewall (Kerio/Sunbelt Personal Firewall) has FINALLY been updated to support Vista.

Im going to see if I can get it running in place of Comodo, because I far prefer Kerio to Comodo.

Oh by the way.... even with all firewalls disabled and the desktop able to ping the laptop, the laptop STILL did not display it's own IP or MAC address in the arp table after I pinged itself.

[+BudMan MVC]

pinging the machine from the same machine is not really a valid test, and no the arp table will not show your machines own mac.

As to weirder -- IMHO its not weird seeing users having issues with firewalls, it see it every single day.

As brought up in the beginning of the thread your issues was firewall related. Now since you say its working after you redid your firewalls its working is not weird.

I would suggest rethink what running a software firewall behind a nat, on a NON-hostile network buys you other than grief, cpu overhead and added configuration.