How do I troubleshoot FTP issues?


This article applies to:

  • Firewall Suite 4.X

Question:

How do I troubleshoot FTP issues?

Symptoms:

  • I am trying to access my log files for the Firewall Suite analysis through FTP and it does not appear to be working.

Procedure:

This document is intended to clarify and expand on the information contained in the Firewall Suite manual regarding the use of FTP.

  • Space in the file or directory name:
    The Firewall Suite FTP function does not permit the use of directories containing spaces.

  • Always use the Browse function:

    If you are experiencing trouble accessing the log file and you are receiving a "Server cannot open file" error message, try entering the FTP address into the Log File URL Path field (i.e. ftp.domain.com or IP address). To the right of this field, select the Login button and enter the user name and password allowing access to the FTP server. Then, instead of clicking OK, click the Browse button and navigate through the directory structure to the log files using the explorer-type interface. By doing this, typographical and other syntax errors are eliminated.

    When selecting multiple log files, select a single log file from the list as described above. The path specified will appear as an address similar to ftp.domain.com/path/logfile.log. Replace the logfile.log with *.log.

  • When passive FTP is used, the server opens a port and the client connects to the server. Passive FTP is preferable where there is a firewall between the client and the server. This is because firewalls are typically configured to block incoming connections that are not recognized. Although some firewalls can parse the FTP data requests and allow active FTP connections, many require passive FTP connections.

    To configure Passive FTP: On the main console window menu (top left) click Tools> Options. Expand Main > Access to Internet and check the box Enable FTP PASV Mode.

  • When active FTP is used, the client opens the port and the server connects to the client.

  • No FTP access through proxy server:
    WebTrends cannot provide FTP access through a proxy server, either incoming or outgoing, unless the proxy server is configured to allow all activity through port 21.



This article was previously published as:
NETIQKB2640

Last Modified 4/12/2006.
https://support.trustwave.com/kb/KnowledgebaseArticle10492.aspx