PDA

View Full Version : Connection timeout when XP SP2 Firewall is enabled.

bigchief
01-23-2005, 10:55 AM
* FlashFXP v[3].[0.2], build [1045], [X]registered, [ ]unregistered, [ ]pirated
* OS [X] WinXP, [ ] Win2K, [ ] Win98, [ ] WinME, [ ] Other
* Running behind NAT/router [X] Yes & Model [FreeBSD 5.3-RELEASE-p3], [ ] No, [ ] Not sure
* Running firewall [X] Yes, Name [Windows XP SP2], Ver. [ ], or [ ] No
* Running Antivirus [X] Yes, Name [Norton Antivirus 2005] or [ ] No
* Network [X] xDSL, [ ] CABLE, [ ] Dail-Up, [ ] Other

Hi,

I'm having some trouble connecting to various FTP Sites with Windows XP Service Pack 2 firewall enabled.

Whenever I connect to a site, it just times out. If I disable the SP2 firewall, there is no problem connecting.

Possible solutions tried:
* Disabled XP SP2 Firewall: Worked (not an acceptable solution in the long run though ;)
* Removed Installergenerated FlashFXP entry from Windows Firewall: no change
* Disabled Antivirus: no change
* Updated FlashFXP to latest BETA version (3.1.8 build 1062): no change.
* Flush firewall rules from FreeBSD Machine: no change

Log output:
[16:43:57] [R] Connecting to ftp.freebsd.org -> DNS=ftp.freebsd.org IP=62.243.72.50 PORT=21
[16:44:18] [R] Connection failed (Connection timed out)
[16:44:18] [R] Delaying for 120 seconds before reconnect attempt #1


tcpdump on the FreeBSD firewall shows:
16:44:42.744360 arp who-has 172.21.203.3 tell 172.21.203.4
16:44:42.744380 arp reply 172.21.203.3 is-at 00:08:74:20:18:bb
16:44:42.744490 IP 172.21.203.4.1590 > 172.21.203.3.53: 4424+ A? ftp.freebsd.org. (33)
16:44:42.934429 IP 172.21.203.3.53 > 172.21.203.4.1590: 4424 2/4/3 A 62.243.72.50, (209)


( FlashFXP is allowed to lookup the name, but not to connect further).

The time on the 2 hosts isn't 100% in sync, it's a laptop that seems to drift a bit :)

I've tried with various internal and external hosts, all to no avail, and all of them work once I disable the Windows XP SP2 Firewall.

Furthermore I've tried to enable Logging on the XP Builtin firewall, but nothing shows up in the log, which only baffles me further.

For now, I've turned off the firewall on the laptop, and thats perfectly fine while on my own LAN, but it being a laptop, I'm bringing it around the world to various unsafe locations, and having a firewall on the machine is a must.

--
Regards
Søren Klintrup
Senior UNIX Administrator
Linkster
01-23-2005, 12:19 PM
Have you added FlashFXP as an exception in the SP2 Firewall?
bigchief
01-24-2005, 06:09 PM
Have you added FlashFXP as an exception in the SP2 Firewall?

* Removed Installergenerated FlashFXP entry from Windows Firewall: no change

Sorry if I was being a bit vague :-)

The Installer generated the FlashFXP Entry in SP2, I tried removing it and recreating it with no luck.
cjr
01-24-2005, 07:14 PM
I would get one of the later versions and see if the problem still exists. The latest is v3.1.9 Build 1066.
bigchief
01-25-2005, 03:11 PM
Originally posted by cjr
I would get one of the later versions and see if the problem still exists. The latest is v3.1.9 Build 1066.

Done.

FlashFXP v3.1.9 build 1066 [BETA RELEASE]
Support Forums at http://forum.flashfxp.com

[21:08:48] WinSock 2.0 -- OpenSSL 0.9.7e 25 Oct 2004
[21:08:55] [R] Connecting to ftp.freebsd.org -> DNS=ftp.freebsd.org IP=62.243.72.50 PORT=21
[21:09:16] [R] Connection failed (Connection timed out)
[21:09:16] [R] Delaying for 120 seconds before reconnect attempt #1

Same problem.
Linkster
01-25-2005, 04:11 PM
that doesn't make any sense. do you have any other firewall software on the machine?
youpi
01-25-2005, 05:13 PM
Originally posted by bigchief
Done.

FlashFXP v3.1.9 build 1066 [BETA RELEASE]
Support Forums at http://forum.flashfxp.com

[21:08:48] WinSock 2.0 -- OpenSSL 0.9.7e 25 Oct 2004
[21:08:55] [R] Connecting to ftp.freebsd.org -> DNS=ftp.freebsd.org IP=62.243.72.50 PORT=21
[21:09:16] [R] Connection failed (Connection timed out)
[21:09:16] [R] Delaying for 120 seconds before reconnect attempt #1

Same problem.
ftp.freebsd.org is on heavy load, since they released 4.11
maybe try a mirror
http://lists.freebsd.org/pipermail/freebsd-stable/2005-January/011419.html

FTP
---

ftp://ftp.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.FreeBSD.org/pub/FreeBSD/
ftp://ftp3.FreeBSD.org/pub/FreeBSD/
ftp://ftp5.FreeBSD.org/pub/FreeBSD/
ftp://ftp11.FreeBSD.org/pub/FreeBSD/
ftp://ftp.at.FreeBSD.org/pub/FreeBSD/
ftp://ftp.au.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.ca.FreeBSD.org/
ftp://ftp2.ch.FreeBSD.org/pub/FreeBSD/
ftp://ftp.cz.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.de.FreeBSD.org/pub/FreeBSD/
ftp://ftp.ee.FreeBSD.org/pub/FreeBSD/
ftp://ftp.es.FreeBSD.org/pub/FreeBSD/
ftp://ftp.fi.FreeBSD.org/pub/FreeBSD/
ftp://ftp.fr.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.ie.FreeBSD.org/pub/FreeBSD/
ftp://ftp.is.FreeBSD.org/pub/FreeBSD/
ftp://ftp.jp.FreeBSD.org/pub/FreeBSD/
ftp://ftp8.jp.FreeBSD.org/pub/FreeBSD/
ftp://ftp.kr.FreeBSD.org/pub/FreeBSD/
ftp://ftp.lt.FreeBSD.org/pub/FreeBSD/
ftp://ftp.nl.FreeBSD.org/pub/FreeBSD/
ftp://ftp.no.FreeBSD.org/pub/FreeBSD/
ftp://ftp5.pl.FreeBSD.org/pub/FreeBSD/
ftp://ftp3.ru.FreeBSD.org/pub/FreeBSD/
ftp://ftp.se.FreeBSD.org/pub/FreeBSD/
ftp://ftp.sg.FreeBSD.org/pub/FreeBSD/
ftp://ftp.si.FreeBSD.org/pub/FreeBSD/
ftp://ftp.sk.FreeBSD.org/pub/FreeBSD/
ftp://ftp2.tw.FreeBSD.org/pub/FreeBSD/
ftp://ftp6.tw.FreeBSD.org/pub/FreeBSD/
ftp://ftp.uk.FreeBSD.org/pub/FreeBSD/
ftp://ftp6.us.FreeBSD.org/pub/FreeBSD/
ftp://ftp10.us.FreeBSD.org/pub/FreeBSD/
Barough
01-26-2005, 01:49 PM
One thing thats sure is that XP's SP2 Firewall sux big time (not as bad as the 1st one ;) )

I've tested i alot right after SP2 was release and added alot of exception to it, but that didn't do it 4 alot of softwares. MS has still alot 2 learn when it comes 2 firewalls
bigchief
01-30-2005, 08:21 PM
ftp.freebsd.org is on heavy load, since they released 4.11
maybe try a mirror


Problem has been around since before 4.11, furthermore the ftp.freebsd.org logentry was chosen as one out of many, including a private FTP Server on my LAN. The problem isn't load on the FTP Daemon, but a general problem with connectivity.

that doesn't make any sense. do you have any other firewall software on the machine?
Nope.

The Machine is running a 2 week old Licensed Windows XP Pro, SP2 - problem disappears when the firewall is disabled.

I'll try downloading the latest beta from the website tomorrow - I'll update when I have more info.
Nimrod
01-31-2005, 01:17 PM
Just thought id mention, im having the exact same problem, and if theres ever a solution, please do post! :(
MxxCon
01-31-2005, 05:15 PM
yes, there is a solution.
The Machine is running a 2 week old Licensed Windows XP Pro, SP2 - problem disappears when the firewall is disabled.
you need to properly configure XP Firewall to allow flashfxp to connect.
EofB
02-16-2005, 09:03 PM
Care to share what the proper configuration of the Windows XP firewall is? I have the same problem. I already have a firewall exception for FlashFXP. I can connect when the firewall is turned off, but not when it is turned on.

Maybe the proper configuration of the firewall is to turn it off ;)


* FlashFXP v[3.0.2].[ ], build [1045], []registered, [X]unregistered, [ ]pirated
* OS [X] WinXP, [ ] Win2K, [ ] Win98, [ ] WinME, [ ] Other
* Running behind NAT/router [ ] Yes & Model [ ], [ ] No, [X] Not sure
* Running firewall [X] Yes, Name [Windows XP Home], Ver. [SP2], or [ ] No
* Running Antivirus [X] Yes, Name [Norton Anti Virus 2005] or [ ] No
* Network [ ] xDSL, [ ] CABLE, [X] Dail-Up, [ ] Other