That may fix it, and may not.

FTP gets ugly on today's Internet, because it was designed in the 1970's, long before firewalls were common and before Network Address Translation (NAT) existed. The near universal use of firewalls and NAT on the Internet today make FTP problematic at times.

This document explains the issues and work arounds very well.
http://www.ncftp.com/ncftpd/doc/misc/ftp_and_firewalls.html

FTP Passive mode is used by most FTP programs with the prevalence of firewalls. The FTP protocol uses 2 ports (one for transfer one for control). When a file is requested the requestor sends a message to the server on the control connection. Then the server responds to the receiver by initiating a transfer connection to the requestor... but if there is a firewall, the transfer connection can't be made since the firewall will likely block it. So passive mode adds some protocol steps where the server opens up a port for the requestor to connect to for the transfer connection, sends that information to the requestor over the control channel, and the requestor makes the transfer connection. So in passive mode, all connections to the server are initiated from the requestor so they are allowed by the firewall.

On my Mac OSX 10.4.8, this failed:

ftp> EPSV
?Invalid command.

HELP!!

Also, is there a way to configure this automatically?

Oh, it accepts lower case!

ftp> epsv
EPSV/EPRT on IPv4 off.

but it still hangs in 'Entering Passive Mode'.

Eventually it said

200 PORT command successful.

421 Service not available, remote server timed out. Connection closed
ftp>

Interestingly it created an empty file on the
remote computer where I was putting the file.

I'm experiencing this problem with two FTP servers. The EPSV off fix works fine one one (dataflame.co.uk) but failed on the other (p4host.com).

I have tried turning the OSX firewall off completely but this makes no difference. I have tried the terminal, Cyberduck and Yummy FTP -- same problem with all of them.

I'm running OSX 10.4.9 on an Intel Mac.

Can anyone help?!

The general rule is that if you have a local NAT/firewall you'll want to use passive mode, and if you have a remote firewall, you'll probably need to use active mode.

EPSV is a function of the remote server. If EPSV isn't working for your specific remote server, try PASV.

Use the PASV and EPSV command to cycle passive mode off and on. Passive mode is on by default in most FTP clients.

Thanks Dave,
This worked perfectly on the Solaris box we were grabbing data from! Had tried quote PASV before with no success.

I am trying to get FTP to work between two SUSE servers and I have used the epsv command.

When I try to transfer a file or do a dir command it hangs.

Is there a solution?

Thanks for posting this, it helped me!

HI Dave,

Recently i had a situation in which 1 user was able to do ftp to cleint but another was not.I checked /etc/ftpusers file,/etc/security/login.cfg file,ftpd daemon,/etc/security/passwd all was fine.But another user was not able to see the files under directory as 1st user can do.I can't figure out difference if any as i checked everything.

Please help.

Its a AIX 5.3 Client

I have AIX5.3 server.I have lost root password,please tell me how to set the new root passsword

Hii Dave ,
I am using a GPRS modem for my FTP application.I need to transfer some file from remote area to server. I am testing it through Filezilla. Pc is able to send file to server , but when my Modem connects , its fine but when i want to send a file , its getting hang at (27.57.153.59)> 227 Entering Passive Mode (59,90,235,221,0,22) . I have set the time out period to 0. Any idea ?

FTP is trickier than most people think. The client initially connects to the server on port 21. The server will communicate back to the client on its outbound port 20, but the port that it connects to on the client can be any port > 1023 depending on which mode the client is in. The client can be in ACTIVE or PASSIVE mode.

If the client is in ACTIVE mode, it tells the server how to connect back to the client, including a port number > 1023. Each time you do a transfer or dir command, this will be a different port number.

In PASSIVE mode, the server tells the client whic ip address & port number to connect to. The server can typically be configured to specify a range of ports for the passive mode.

Here's a full overview.
http://www.ncftp.com/ncftpd/doc/misc/ftp_and_firewalls.html#TwoTypes

Thanks for the information. This works perfectly for me. I'm wondering if the passive command can work automatic like via a command procedure

$ ftp/type=ascii server_name /user=user1 /pass =user1$ /pasv dir

When I run this command via a procedure, it still hangs. But when I ftp manually, it works.

Your help is appreciated!

Thanks!

I tried epsv, that didn't work for me. This did:

ftp> passive
Passive mode: off; fallback to active mode: off.

Use to be, from Linux (SLES mainly) I would get the

229 Entering Extended Passive Mode (|||####|) error.

Then long pause and then it worked.

Then, about a year or two ago, it would just fail with something like:

421 Service not available, remote server timed out. Connection closed

SO, I started to enter "PASS" before I did anything and that seemed to fix it.

Now, it still fails and I have had to enter:

"EPSV"

And it is back working... Thank God. So, what is happening? I have been doing these FTP's from basically the same Linux system. I cannot speak for the remote system... They may have upgraded or something? What will be the next failure and what command will I use then?