I have been unable to connect to my FTP server behind Wingate when using SFTP. There is no problem connecting when using regular FTP.
I have been using Microsoft IIS FTP for well over a year since installing Wingate. The FTP client is CuteFTP Pro. Wingate FTP Proxy is setup to pipe the request directly through to the LAN server machine's IP. ENS Port Security shows a Hole for the appropriate port and the packet is Allowed.
I just recently installed Globalscape's Secure FTP Server 2. IIS is stopped and IIS port pooling is disabled. With regular FTP there is no problem connecting to the new server either from the LAN or from a remote location. When I switch to SFTP the connection fails. (In Wingate, FTP Proxy is set to Port 22 and ENS Port security also reflects Port 22.) The SFTP server is setup for password only. Following is the error message:
STATUS:> Initializing SFTP21 module...
STATUS:> Connecting to SFTP server 69.xxx.xxx.xxx:22 (ip = 69.xxx.xxx.xxx)...
ERROR:> The file being transferred in ASCII mode appears to be a Binary file. Proceed anyway?
ERROR:> Can't connect to 69.xxx.xxx.xxx:22. SFTP21 error = #0.
STATUS:> SFTP21 connection closed
Yesterday, Globalscape support asked me to check if I could connect directly to the server using the server's LAN IP. It worked just fine. Which leads me to believe that Wingate is interferring in SFTP mode.
Additionally, I have no problem connecting from the LAN to our third party web site host's SFTP server.
Anyone have any suggestions?
Thanks for your help!
Problem with SFTP
Moderator: Qbik Staff
4 posts
• Page 1 of 1
Problem with SFTP
by rich s » Nov 03 04 6:57 am
- rich s
- Posts: 2
- Joined: Nov 03 04 6:01 am
- Location: California
by rich s » Nov 04 04 5:13 am
Pascal:
Thanks! That did it!
I was a bit challenged at first because the local CuteFTP client could not access using the WAN IP address. After making the change, though, I went to my laptop at home to confirm internet access. Here at the office the CuteFTP client must use the Server's LAN IP address.
Thanks for the great support!
Rich S
Wingate configuration is as follows:
ENS Port Security:
Port Range Specification
Description: Hole for SFTP (Manual)
Internet computers to the Wingate PC / TCP (the defaults)
Ports 22 to 22 (I'm allowing SFTP only)
Action: Redirect Packet to IP Address (LAN addr of SFTP server)
UNcheck: Don't translate source IP
FTP Proxy Server:
General:
Service will start automatically
Port 22
Bindings Policy:
UNcheck Bind only to xxx.xxx.xxx.xxx on WAN
Leave Checked: Bind to any IP address on any internal adapter
(This results in the Wingate PC's IP address showing in 'Adapters'
Gateways:
Use any available connection
Sessions:
Leave UNchecked: Transparent proxy
Server Requests: Pipe through to predetermined server (LAN IP of FTP server machine)
Port 22
Connections: Directly
Thanks! That did it!
I was a bit challenged at first because the local CuteFTP client could not access using the WAN IP address. After making the change, though, I went to my laptop at home to confirm internet access. Here at the office the CuteFTP client must use the Server's LAN IP address.
Thanks for the great support!
Rich S
Wingate configuration is as follows:
ENS Port Security:
Port Range Specification
Description: Hole for SFTP (Manual)
Internet computers to the Wingate PC / TCP (the defaults)
Ports 22 to 22 (I'm allowing SFTP only)
Action: Redirect Packet to IP Address (LAN addr of SFTP server)
UNcheck: Don't translate source IP
FTP Proxy Server:
General:
Service will start automatically
Port 22
Bindings Policy:
UNcheck Bind only to xxx.xxx.xxx.xxx on WAN
Leave Checked: Bind to any IP address on any internal adapter
(This results in the Wingate PC's IP address showing in 'Adapters'
Gateways:
Use any available connection
Sessions:
Leave UNchecked: Transparent proxy
Server Requests: Pipe through to predetermined server (LAN IP of FTP server machine)
Port 22
Connections: Directly
- rich s
- Posts: 2
- Joined: Nov 03 04 6:01 am
- Location: California
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 3 guests