No access to the folders of an FTP Server: 425 Can't open data connection for transfer of "/"

Description

From a private Zone (such as LAN, DMZ) it's possible to get access to the FTP Server, but from the Wan Zone the access to the folders is denied.

If you run a packet capture, the packets should be correctly forwarded to the Server but the FTP Server should display an error as shown below:


425 Can't open data connection for transfer

 

Image

 

It could be possible that the FTP Server doesn't accept an inbound connection from a source IP address that is Public.

 

 

 

 

 

Resolution

Be sure to configure the FTP Server as shown in the following guide:

Configuration for a Passive Mode FTP Server behind the SonicWall. (SW10090)

 

A workaround would be to change the public source IP to a private source IP using a NAT policy.

Example below:

 

Original Source  : ANY

Translated Source : A private IP address

Original Destination  : FTP Server Public (typically X1 or a WAN interface)

Translated Destination  : Private IP address FTP Server

Original Service  : FTP Custom Group

Translated Service  : ORIGINAL

Inbound Interface  : X1 (or the WAN interface used)

Outbound Interface  : Any

 

Image

 

You should now be able to get access to the folders of the FTP Server.

Related Articles

  • SonicOS 8.1.0 FAQ
    Read More
  • SonicWall GEN8 TZs and GEN8 NSas Settings Migration
    Read More
  • Getting started with SonicWall firewalls
    Read More

Categories

Firewalls
SonicWall NSA Series
Firewalls
SonicWall SuperMassive 9000 Series
Firewalls
SonicWall SuperMassive E10000 Series
Firewalls
TZ Series
not finding your answers?
Ask the Community