Vista firewall problems

A

Aaron Wheeler

I am trying to connect to an ftp site from my laptop, running on Vista Pro .
I have tried using FileZilla, IE, and Firefox in each case, I am able to
connect to the ftp site if the windows firewall is off, but not able to
connect if the windows firewall is on. I have selected each of these programs
as "exceptions" to the firewall.

Any suggestions? This is a really frustrating problem. What would the
downside be to simply leave the windows firewall off?
 
M

Mr. Arnold

"Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
news:2145CFF4-7E75-4126-AC4C-5695EAA1C9F9@microsoft.com...
>I am trying to connect to an ftp site from my laptop, running on Vista Pro
>.
> I have tried using FileZilla, IE, and Firefox in each case, I am able to
> connect to the ftp site if the windows firewall is off, but not able to
> connect if the windows firewall is on. I have selected each of these
> programs
> as "exceptions" to the firewall.

You don't have the right rules set on the FW, and communication is being
blocked.

>
> Any suggestions? This is a really frustrating problem. What would the
> downside be to simply leave the windows firewall off?

If the machine is not behind a router then it's going to be compromised in a
matter of seconds by self populating Trojans and worms, coming over the
Internet from other machines that have been compromised. The machine may
already be compromised.
 
A

Aaron Wheeler

Thanks for telling me what I'm doing wrong: "You don't have the right rules
set on the FW."

Now can you tell me how to fix it?

"Mr. Arnold" wrote:

>
> "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
> news:2145CFF4-7E75-4126-AC4C-5695EAA1C9F9@microsoft.com...
> >I am trying to connect to an ftp site from my laptop, running on Vista Pro
> >.
> > I have tried using FileZilla, IE, and Firefox in each case, I am able to
> > connect to the ftp site if the windows firewall is off, but not able to
> > connect if the windows firewall is on. I have selected each of these
> > programs
> > as "exceptions" to the firewall.
>
> You don't have the right rules set on the FW, and communication is being
> blocked.
>
> >
> > Any suggestions? This is a really frustrating problem. What would the
> > downside be to simply leave the windows firewall off?
>
> If the machine is not behind a router then it's going to be compromised in a
> matter of seconds by self populating Trojans and worms, coming over the
> Internet from other machines that have been compromised. The machine may
> already be compromised.
>
>
 
D

dean-dean

Check in IE7 Tools > Internet Options, on the Advanced tab, regarding the
use of Passive FTP, and the Passive FTP settings in your other programs.

"Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
news:2145CFF4-7E75-4126-AC4C-5695EAA1C9F9@microsoft.com...
>I am trying to connect to an ftp site from my laptop, running on Vista Pro
>.
> I have tried using FileZilla, IE, and Firefox in each case, I am able to
> connect to the ftp site if the windows firewall is off, but not able to
> connect if the windows firewall is on. I have selected each of these
> programs
> as "exceptions" to the firewall.
>
> Any suggestions? This is a really frustrating problem. What would the
> downside be to simply leave the windows firewall off?
 
A

Aaron Wheeler

Thanks, Dean. In IE, "Use Passive FTP" is clicked, and the other programs are
set to passive, as well. I think the setting has to be passive to be able to
connect with the server (with the firewall off).

Any other ideas?

"dean-dean" wrote:

> Check in IE7 Tools > Internet Options, on the Advanced tab, regarding the
> use of Passive FTP, and the Passive FTP settings in your other programs.
>
> "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
> news:2145CFF4-7E75-4126-AC4C-5695EAA1C9F9@microsoft.com...
> >I am trying to connect to an ftp site from my laptop, running on Vista Pro
> >.
> > I have tried using FileZilla, IE, and Firefox in each case, I am able to
> > connect to the ftp site if the windows firewall is off, but not able to
> > connect if the windows firewall is on. I have selected each of these
> > programs
> > as "exceptions" to the firewall.
> >
> > Any suggestions? This is a really frustrating problem. What would the
> > downside be to simply leave the windows firewall off?
>
 
D

dean-dean

I should add that by default, "Use passive FTP" has a checkmark, to help
alleviate triggering the Firewall.

"dean-dean" <dean-dean@discussions.microsoft.com> wrote in message
news:57098CB6-A79F-410D-8604-5F8862A38C95@microsoft.com...
> Check in IE7 Tools > Internet Options, on the Advanced tab, regarding the
> use of Passive FTP, and the Passive FTP settings in your other programs.
>
> "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
> news:2145CFF4-7E75-4126-AC4C-5695EAA1C9F9@microsoft.com...
>>I am trying to connect to an ftp site from my laptop, running on Vista Pro
>>.
>> I have tried using FileZilla, IE, and Firefox in each case, I am able to
>> connect to the ftp site if the windows firewall is off, but not able to
>> connect if the windows firewall is on. I have selected each of these
>> programs
>> as "exceptions" to the firewall.
>>
>> Any suggestions? This is a really frustrating problem. What would the
>> downside be to simply leave the windows firewall off?
>
 
D

dean-dean

Well, you could try, with the Firewall on, and in Internet Options, on the
Advanced tab, having "Use Passive FTP" checked, click to clear the Enable
folder view for FTP sites check box.

Internet Explorer, at least on Windows XP, behaves as a Standard mode FTP
client if you select the Enable folder view for FTP sites check box, even if
you also select the Use Passive FTP check box. See:

How to configure Internet Explorer to use both the FTP PORT mode and the FTP
PASV mode in the Windows Server 2003 Family:
http://support.microsoft.com/kb/323446

As yet, I'm not sure if this applies to Vista as well. In my own
experience, I've not experienced problems with the Firewall on and having
both "Enable FTP folder view" and "Use Passive FTP" checked. In an FTP
client like FileZilla, check to see through it's logging function just what
commands are being used (PORT or PASV), and which are being accepted by the
server.

"Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
news:A8441FE1-6A60-4CF7-97EB-199EFE002634@microsoft.com...
> Thanks, Dean. In IE, "Use Passive FTP" is clicked, and the other programs
> are
> set to passive, as well. I think the setting has to be passive to be able
> to
> connect with the server (with the firewall off).
>
> Any other ideas?
>
> "dean-dean" wrote:
>
>> Check in IE7 Tools > Internet Options, on the Advanced tab, regarding
>> the
>> use of Passive FTP, and the Passive FTP settings in your other programs.
>>
>> "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
>> news:2145CFF4-7E75-4126-AC4C-5695EAA1C9F9@microsoft.com...
>> >I am trying to connect to an ftp site from my laptop, running on Vista
>> >Pro
>> >.
>> > I have tried using FileZilla, IE, and Firefox in each case, I am able
>> > to
>> > connect to the ftp site if the windows firewall is off, but not able to
>> > connect if the windows firewall is on. I have selected each of these
>> > programs
>> > as "exceptions" to the firewall.
>> >
>> > Any suggestions? This is a really frustrating problem. What would the
>> > downside be to simply leave the windows firewall off?
>>
 
M

Mr. Arnold

"Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
news:7132C001-A43D-48AF-8F9A-04672FA1596C@microsoft.com...
> Thanks for telling me what I'm doing wrong: "You don't have the right
> rules
> set on the FW."
>
> Now can you tell me how to fix it?

Well, with Vista FW enabled, I was only able to connect to one FTP site that
happened to be a MAC site, out 10 FTP sites I went to.

That was using IE 7. So, I don't know what the problem is and I'll take your
word that all sties worked when you dropped the FW. I'll have to investigate
what is happening.
 
D

dean-dean

Too, I guess you could see what happens when you use Windows Explorer to
connect, with the Firewall on. There are basically three ways to do this
("Enable folder view for FTP sites" must be checked):

1. In IE7, by clicking on Page on the Command bar, and then click Open FTP
Site in Windows Explorer.
2. Typing, say, ftp://ftp.microsoft.com/ in the address box of Windows
Explorer. (Right-click the box, choosing Edit Address).
3. Putting a shortcut in Computer, by using the "Add a Network Location"
Wizard. (Right-click inside Computer, choosing "Add a Network Location").

Of course, option 1 is not viable for you, since, for purposes of this test,
the Firewall is on, and that seems to disallow access your site using IE7.
My guess is that your server is only allowing Standard, not Passive, mode,
whereby the FTP server always starts the data connection from TCP port 20.
(The FTP server must open a new connection to the client when it sends or
receives data, and the FTP client requests this by using the PORT command
again).

"dean-dean" <dean-dean@discussions.microsoft.com> wrote in message
news:8BD6F661-B3C5-495E-BF19-E1FE6D6B13A2@microsoft.com...
> Well, you could try, with the Firewall on, and in Internet Options, on the
> Advanced tab, having "Use Passive FTP" checked, click to clear the Enable
> folder view for FTP sites check box.
>
> Internet Explorer, at least on Windows XP, behaves as a Standard mode FTP
> client if you select the Enable folder view for FTP sites check box, even
> if you also select the Use Passive FTP check box. See:
>
> How to configure Internet Explorer to use both the FTP PORT mode and the
> FTP PASV mode in the Windows Server 2003 Family:
> http://support.microsoft.com/kb/323446
>
> As yet, I'm not sure if this applies to Vista as well. In my own
> experience, I've not experienced problems with the Firewall on and having
> both "Enable FTP folder view" and "Use Passive FTP" checked. In an FTP
> client like FileZilla, check to see through it's logging function just
> what commands are being used (PORT or PASV), and which are being accepted
> by the server.
>
> "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
> news:A8441FE1-6A60-4CF7-97EB-199EFE002634@microsoft.com...
>> Thanks, Dean. In IE, "Use Passive FTP" is clicked, and the other programs
>> are
>> set to passive, as well. I think the setting has to be passive to be able
>> to
>> connect with the server (with the firewall off).
>>
>> Any other ideas?
>>
>> "dean-dean" wrote:
>>
>>> Check in IE7 Tools > Internet Options, on the Advanced tab, regarding
>>> the
>>> use of Passive FTP, and the Passive FTP settings in your other programs.
>>>
>>> "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in
>>> message
>>> news:2145CFF4-7E75-4126-AC4C-5695EAA1C9F9@microsoft.com...
>>> >I am trying to connect to an ftp site from my laptop, running on Vista
>>> >Pro
>>> >.
>>> > I have tried using FileZilla, IE, and Firefox in each case, I am able
>>> > to
>>> > connect to the ftp site if the windows firewall is off, but not able
>>> > to
>>> > connect if the windows firewall is on. I have selected each of these
>>> > programs
>>> > as "exceptions" to the firewall.
>>> >
>>> > Any suggestions? This is a really frustrating problem. What would the
>>> > downside be to simply leave the windows firewall off?
>>>
>
 
A

Aaron Wheeler

None of those three methods works with the firewall on. If I take the
firewall off, each of the methods works perfectly. :(

"dean-dean" wrote:

> Too, I guess you could see what happens when you use Windows Explorer to
> connect, with the Firewall on. There are basically three ways to do this
> ("Enable folder view for FTP sites" must be checked):
>
> 1. In IE7, by clicking on Page on the Command bar, and then click Open FTP
> Site in Windows Explorer.
> 2. Typing, say, ftp://ftp.microsoft.com/ in the address box of Windows
> Explorer. (Right-click the box, choosing Edit Address).
> 3. Putting a shortcut in Computer, by using the "Add a Network Location"
> Wizard. (Right-click inside Computer, choosing "Add a Network Location").
>
> Of course, option 1 is not viable for you, since, for purposes of this test,
> the Firewall is on, and that seems to disallow access your site using IE7.
> My guess is that your server is only allowing Standard, not Passive, mode,
> whereby the FTP server always starts the data connection from TCP port 20.
> (The FTP server must open a new connection to the client when it sends or
> receives data, and the FTP client requests this by using the PORT command
> again).
>
> "dean-dean" <dean-dean@discussions.microsoft.com> wrote in message
> news:8BD6F661-B3C5-495E-BF19-E1FE6D6B13A2@microsoft.com...
> > Well, you could try, with the Firewall on, and in Internet Options, on the
> > Advanced tab, having "Use Passive FTP" checked, click to clear the Enable
> > folder view for FTP sites check box.
> >
> > Internet Explorer, at least on Windows XP, behaves as a Standard mode FTP
> > client if you select the Enable folder view for FTP sites check box, even
> > if you also select the Use Passive FTP check box. See:
> >
> > How to configure Internet Explorer to use both the FTP PORT mode and the
> > FTP PASV mode in the Windows Server 2003 Family:
> > http://support.microsoft.com/kb/323446
> >
> > As yet, I'm not sure if this applies to Vista as well. In my own
> > experience, I've not experienced problems with the Firewall on and having
> > both "Enable FTP folder view" and "Use Passive FTP" checked. In an FTP
> > client like FileZilla, check to see through it's logging function just
> > what commands are being used (PORT or PASV), and which are being accepted
> > by the server.
> >
> > "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
> > news:A8441FE1-6A60-4CF7-97EB-199EFE002634@microsoft.com...
> >> Thanks, Dean. In IE, "Use Passive FTP" is clicked, and the other programs
> >> are
> >> set to passive, as well. I think the setting has to be passive to be able
> >> to
> >> connect with the server (with the firewall off).
> >>
> >> Any other ideas?
> >>
> >> "dean-dean" wrote:
> >>
> >>> Check in IE7 Tools > Internet Options, on the Advanced tab, regarding
> >>> the
> >>> use of Passive FTP, and the Passive FTP settings in your other programs.
> >>>
> >>> "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in
> >>> message
> >>> news:2145CFF4-7E75-4126-AC4C-5695EAA1C9F9@microsoft.com...
> >>> >I am trying to connect to an ftp site from my laptop, running on Vista
> >>> >Pro
> >>> >.
> >>> > I have tried using FileZilla, IE, and Firefox in each case, I am able
> >>> > to
> >>> > connect to the ftp site if the windows firewall is off, but not able
> >>> > to
> >>> > connect if the windows firewall is on. I have selected each of these
> >>> > programs
> >>> > as "exceptions" to the firewall.
> >>> >
> >>> > Any suggestions? This is a really frustrating problem. What would the
> >>> > downside be to simply leave the windows firewall off?
> >>>
> >
>
>
 
A

Aaron Wheeler

Do people not use ftp anymore? I assume that most people will eventually
upgrade to Vista with firewall. Does this mean that ftp will be abandoned as
a file transfer method? Or are most people going to turn their firewalls off?

Thanks,
A

"Mr. Arnold" wrote:

>
> "Aaron Wheeler" <AaronWheeler@discussions.microsoft.com> wrote in message
> news:7132C001-A43D-48AF-8F9A-04672FA1596C@microsoft.com...
> > Thanks for telling me what I'm doing wrong: "You don't have the right
> > rules
> > set on the FW."
> >
> > Now can you tell me how to fix it?
>
> Well, with Vista FW enabled, I was only able to connect to one FTP site that
> happened to be a MAC site, out 10 FTP sites I went to.
>
> That was using IE 7. So, I don't know what the problem is and I'll take your
> word that all sties worked when you dropped the FW. I'll have to investigate
> what is happening.
>
>
>
 
M

Marco Desloovere

Aaron Wheeler [Wed, 18 Jul 2007 08:56:03 -0700] wrote:

>I am trying to connect to an ftp site from my laptop, running on Vista Pro .
>I have tried using FileZilla, IE, and Firefox in each case, I am able to
>connect to the ftp site if the windows firewall is off, but not able to
>connect if the windows firewall is on. I have selected each of these programs
>as "exceptions" to the firewall.
>
>Any suggestions? This is a really frustrating problem. What would the
>downside be to simply leave the windows firewall off?

FTP uses ports 20 and 21 (TCP/UDP). Make sure that the firewall is not
filtering them in the exceptions list.

I have no problems reaching any FTP site, and I have had no need to
modify Vista's firewall for this purpose.

Marco
 
You must log in or register to reply here.

Similar threads

M
windows 10 not able to connect to ftp server through network
Replies
0
Views
42
mangolai
M
M
windows 10 not able to connect to ftp server through network
Replies
0
Views
43
mangolai
M
D
Firewall doesn't Start Error CODE 0x6D9
Replies
0
Views
41
Dann Allison
D
A
Is the Windows Defender Firewall Service Always Necessary to Stay Running?
Replies
0
Views
24
Anthony Rosa1
A
R
Forza horizon not working - possibly due to teredo issues.
Replies
0
Views
27
Rob1231_667
R
Back
Top Bottom