Unable to connect to a server from our AIX server via FTP


 
Thread Tools Search this Thread
Top Forums UNIX for Beginners Questions & Answers Unable to connect to a server from our AIX server via FTP
# 8  
Old 02-20-2020
Hi ,
Sure, will definitely keep that in mind.
Want to sum up the list of checks and troubleshooting i did for connecting to an FTP server.
We are trying to connect to an FTP server from our AIX server. Getting the following message

Code:
# ftp 164.52.194.12
ftp: connect: A remote host did not respond within the timeout period.
ftp> open 164.52.194.12
ftp: connect: A remote host did not respond within the timeout period.
ftp>

However, we are able to reach out to the same server from our local PC (workstation) via powershell

Code:
Windows PowerShell
Copyright (C) 2015 Microsoft Corporation. All rights reserved.

PS C:\Users\LINC> ftp
ftp> open 164.52.194.12
Connected to 164.52.194.12.
220 Microsoft FTP Service
200 OPTS UTF8 command successful - UTF8 encoding now ON.
User (164.52.194.12:(none)):

The ftp services are enabled [uncommented] in the /etc/services file

Code:
# grep -i ftp /etc/services
ftp-data                20/tcp          # File Transfer [Default Data]
ftp-data                20/udp          # File Transfer [Default Data]
ftp                             21/tcp          # File Transfer [Control]
ftp                             21/udp          # File Transfer [Control]
ni-ftp                  47/tcp          # NI FTP
ni-ftp                  47/udp          # NI FTP
tftp                    69/udp          # Trivial File Transfer
tftp                    69/tcp          # Trivial File Transfer
sftp                    115/tcp         # Simple File Transfer Protocol
sftp                    115/udp         # Simple File Transfer Protocol
bftp                    152/tcp         # Background File Transfer Program
bftp                    152/udp         # Background File Transfer Program
softpc                  215/tcp         # Insignia Solutions
softpc                  215/udp         # Insignia Solutions
subntbcst_tftp  247/tcp         # SUBNTBCST_TFTP
subntbcst_tftp  247/udp         # SUBNTBCST_TFTP
mftp                    349/tcp         # mftp
mftp                    349/udp         # mftp
ftp-agent                574/tcp                # FTP Software Agent System
ftp-agent                574/udp                # FTP Software Agent System
pftp                    662/tcp         # PFTP
pftp                    662/udp         # PFTP
ftps-data                989/tcp                # ftp protocol, data, over TLS/SSL
ftps-data                989/udp                # ftp protocol, data, over TLS/SSL
ftps                    990/tcp         # ftp protocol, control, over TLS/SSL
ftps                    990/udp         # ftp protocol, control, over TLS/SSL
tftp-mcast              1758/tcp                # tftp-mcast
tftp-mcast              1758/udp                # tftp-mcast
etftp                    1818/tcp               # Enhanced Trivial File Transfer Protocol
etftp                    1818/udp               # Enhanced Trivial File Transfer Protocol
utsftp                  2529/tcp                # UTS FTP
utsftp                  2529/udp                # UTS FTP
aaftp                    2794/tcp               # aaftp
aaftp                    2794/udp               # aaftp
gsiftp                  2811/tcp                # GSI FTP
gsiftp                  2811/udp                # GSI FTP
odette-ftp              3305/tcp                # ODETTE-FTP
odette-ftp              3305/udp                # ODETTE-FTP
tftps                    3713/tcp               # TFTP over TLS
tftps                    3713/udp               # TFTP over TLS
exasoftport1    3920/tcp                # Exasoft IP Port
exasoftport1    3920/udp                # Exasoft IP Port
mftp                    5402/tcp                # MFTP
mftp                    5402/udp                # MFTP
#

The ports are open

Code:
# netstat -an|grep LIST|grep 20
tcp        0      0  *.2049                 *.*                    LISTEN
tcp4       0      0  *.3200                 *.*                    LISTEN
# netstat -an|grep LIST|grep 21
tcp        0      0  *.21                   *.*                    LISTEN

Checked the inted.conf file, ftp isn't commented out

Code:
# cat inetd.conf
## @(#)62       1.17.3.4  src/tcpip/etc/inetd.conf, tcpinet, tcpip61N, 1024A_61N 5/27/10 21:56:33
## IBM_PROLOG_BEGIN_TAG
## This is an automatically generated prolog.
##
## tcpip61N src/tcpip/etc/inetd.conf 1.17.3.4
##
## Licensed Materials - Property of IBM
##
## COPYRIGHT International Business Machines Corp. 1993,2010
## All Rights Reserved
##
## US Government Users Restricted Rights - Use, duplication or
## disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
##
## IBM_PROLOG_END_TAG
##
## COMPONENT_NAME: TCPIP inetd.conf
##
## FUNCTIONS:
##
## ORIGINS: 26  27
##
## (C) COPYRIGHT International Business Machines Corp. 1993
## All Rights Reserved
## Licensed Materials - Property of IBM
##
## US Government Users Restricted Rights - Use, duplication or
## disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
##
#######################################################################
##
##                 Internet server configuration database
##
##      Services can be added and deleted by deleting or inserting a
##      comment character (ie. #) at the beginning of a line  If inetd
##      is running under SRC control then the "refresh -s inetd" command
##      needs to be executed for inetd to re-read the inetd.conf file.
##
##      NOTE: The TCP/IP servers do not require SRC and may be started
##      by invoking the service directly (i.e. /etc/inetd). If inetd
##      has been invoked directly, after modifying this file, send a
##      hangup signal, SIGHUP to inetd (ie. kill -1 "pid_of_inetd").
##
##      NOTE: The services with socket type of "sunrpc_tcp" and "sunrpc_udp"
##      require that the portmap daemon be running.
##      Also please use ## to designate comments in this file so that
##      the smit commands can edit this file correctly.
##
##      NOTE: When using IPv6 services, specify "tcp6" or "udp6" for the
##      protocol.  "tcp" and "udp" are interpreted as IPv4.
##
## service  socket  protocol  wait/  user    server    server program
##  name     type             nowait         program     arguments
##
ftp     stream  tcp6    nowait  root    /usr/sbin/ftpd         ftpd -d
telnet  stream  tcp6    nowait  root    /usr/sbin/telnetd      telnetd -a
shell   stream  tcp6    nowait  root    /usr/sbin/rshd         rshd
#kshell  stream  tcp     nowait  root    /usr/sbin/krshd        krshd
login   stream  tcp6    nowait  root    /usr/sbin/rlogind      rlogind
#klogin  stream  tcp     nowait  root    /usr/sbin/krlogind     krlogind
exec    stream  tcp6    nowait  root    /usr/sbin/rexecd       rexecd
#comsat dgram   udp     wait    root    /usr/sbin/comsat       comsat
#uucp   stream  tcp     nowait  root    /usr/sbin/uucpd        uucpd
#bootps dgram   udp     wait    root    /usr/sbin/bootpd       bootpd /etc/bootptab
##
## Finger, systat and netstat give out user information which may be
## valuable to potential "system crackers."  Many sites choose to disable
## some or all of these services to improve security.
##
#finger stream  tcp     nowait  nobody  /usr/sbin/fingerd     fingerd
#systat stream  tcp     nowait  nobody  /usr/bin/ps           ps -ef
#netstat stream tcp     nowait  nobody  /usr/bin/netstat      netstat -f inet
#
#tftp    dgram  udp6    SRC     nobody  /usr/sbin/tftpd         tftpd -n
#talk   dgram   udp     wait    root    /usr/sbin/talkd         talkd
ntalk   dgram   udp     wait    root    /usr/sbin/talkd         talkd
#
# rexd uses very minimal authentication and many sites choose to disable
# this service to improve security.
#
#rquotad  sunrpc_udp     udp     wait    root    /usr/sbin/rpc.rquotad rquotad 100011 1
#rexd    sunrpc_tcp     tcp     wait    root    /usr/sbin/rpc.rexd rexd 100017 1
#rstatd  sunrpc_udp     udp     wait    root    /usr/sbin/rpc.rstatd rstatd 100001 1-3
#rusersd sunrpc_udp     udp     wait    root    /usr/lib/netsvc/rusers/rpc.rusersd rusersd 100002 1-2
#rwalld  sunrpc_udp     udp     wait    root    /usr/lib/netsvc/rwall/rpc.rwalld rwalld 100008 1
#sprayd  sunrpc_udp     udp     wait    root    /usr/lib/netsvc/spray/rpc.sprayd sprayd 100012 1
#pcnfsd  sunrpc_udp     udp     wait    root    /usr/sbin/rpc.pcnfsd pcnfsd 150001 1-2
#echo   stream  tcp     nowait  root    internal
#discard        stream  tcp     nowait  root    internal
#chargen        stream  tcp     nowait  root    internal
daytime stream  tcp     nowait  root    internal
time    stream  tcp     nowait  root    internal
#echo   dgram   udp     wait    root    internal
#discard        dgram   udp     wait    root    internal
#chargen        dgram   udp     wait    root    internal
daytime dgram   udp     wait    root    internal
time    dgram   udp     wait    root    internal
## The following line is for installing over the network.
#instsrv stream tcp     nowait  netinst /u/netinst/bin/instsrv instsrv -r /tmp/netinstalllog /u/netinst/scripts
#imap2  stream  tcp     nowait  root    /usr/sbin/imapd imapd
#pop3   stream  tcp     nowait  root    /usr/sbin/pop3d pop3d
caa_cfg stream  tcp6    nowait  root    /usr/sbin/clusterconf clusterconf >>/var/adm/ras/clusterconf.log 2>&1
dtspcd  stream  tcp     nowait  root    /usr/dt/bin/dtspcd /usr/dt/bin/dtspcd
cmsd    sunrpc_udp      udp     wait    root    /usr/dt/bin/rpc.cmsd cmsd 100068 2-5
ttdbserver      sunrpc_tcp      tcp     wait    root    /usr/dt/bin/rpc.ttdbserver rpc.ttdbserver 100083 1
wsmserver       stream  tcp     nowait  root    /usr/websm/bin/wsmserver wsmserver -start
xmquery dgram   udp     wait    root    /usr/bin/xmtopas xmtopas -p3
#

Upon checking the firewall status , we are getting the following message

Code:
# lsfilt -a
Can not open device /dev/ipsec4_filt.

ftpd status check

Code:
# lssrc -t ftp
Service       Command                  Description              Status
 ftp          /usr/sbin/ftpd           ftpd -d                  active
#

I tried pinging from the host ( which is my SAP server running on AIX) to the FTP server

Result : unsuccessful ,cannot ping

Code:
# traceroute 203.112.144.202
trying to get source for 203.112.144.202
source should be 172.16.80.80
traceroute to 203.112.144.202 (203.112.144.202) from 172.16.80.80 (172.16.80.80), 30 hops max
outgoing MTU = 1500
 1  172.16.80.100 (172.16.80.100)  31 ms  0 ms  0 ms
 2  172.16.80.100 (172.16.80.100)  0 ms !H * *
 3  172.16.80.100 (172.16.80.100)  0 ms !H * *
 4  172.16.80.100 (172.16.80.100)  0 ms !H *  0 ms !H
# ping -c 5 203.112.144.202
PING 203.112.144.202: (203.112.144.202): 56 data bytes

--- 203.112.144.202 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
#


But, when i pinged the same FTP server from my local PC/Workstation (in the same LAN as my SAP server) it was successful

Code:
Windows PowerShell
Copyright (C) 2015 Microsoft Corporation. All rights reserved.
PS C:\Users\LINC> ftp
ftp> open 164.52.194.12
Connected to 164.52.194.12.
220 Microsoft FTP Service
200 OPTS UTF8 command successful - UTF8 encoding now ON.
User (164.52.194.12:(none)): saplincpen
331 Password required
Password:

Windows PC and my AIX server are on the same LAN ,let's say LAN1
The server that i'm trying to connect to is on another LAN say LAN 2
I was successfully able to ping the AIX server from my local windows workstation
Here is the o/p:

Code:
C:\Users\LINC>ftp
ftp> open 172.16.80.80
Connected to 172.16.80.80.
220 prdsap1 FTP server (Version 4.2 Wed Jun 29 13:24:26 CDT 2011) ready.
500 'OPTS UTF8 ON': command not understood.
User (172.16.80.80:(none)): root
331 Password required for root.
Password:
230-Last unsuccessful login: Wed Jan 22 17:40:48 GMT+05:30 2020 on /dev/pts/0 from 172.16.80.85
230-Last login: Thu Feb 20 14:29:04 GMT+05:30 2020 on ftp from ::ffff:172.16.80.5
230 User root logged in.
ftp> dir
200 PORT command successful.
150 Opening data connection for /bin/ls.


Please suggest what approach to take /what further checks to do in order to connect via FTP? Any specific firewall related checks we need to do ?

Regards,
Bruno

Last edited by vbe; 02-20-2020 at 09:15 AM..
# 9  
Old 02-20-2020
Looking at all those ports and hosts file is premature (and not helpful).

If you cannot ping, you have a networking issue where your routes are not setup correctly.

There is no need to posts all those files (again).

You need to find out why you cannot ping the server from your device.

Maybe you can draw a picture of your network and upload the image as an attachment so we can take a look?
# 10  
Old 02-20-2020
Hi,

I'm afraid i do not have the network architecture /diagram with me now as i'm fairly new to this organization and haven't received any sort of handover.

Here are the routes :

Code:
# netstat -rn
Routing tables
Destination        Gateway           Flags   Refs     Use  If   Exp  Groups

Route Tree for Protocol Family 2 (Internet):
default            172.16.80.100     UG       24   1065815 en0      -      -
127/8              127.0.0.1         U        18   4972212 lo0      -      -
164.52.194/24      172.16.80.80      UG        0         0 en0      -      -
164.52.194.12      172.16.80.80      UGH       0         8 en0      -      -
172.16.0.0         172.16.80.80      UHSb      0         0 en0      -      -   =>
172.16/16          172.16.80.80      U        39   2224275 en0      -      -
172.16.80.80       127.0.0.1         UGHS     60 510225375 lo0      -      -
172.16.255.255     172.16.80.80      UHSb      2      5108 en0      -      -

Will adding the route via routeadd do any good
Code:
route add <destination ip> <source ip>

Any further network related checks i can do ? Anything to do with the firewall ? Any specific firewall related checks i can carry out?

Regards,
Bruno

--- Post updated at 12:26 PM ---

Following are the entries for routing tables :

Code:
#  lsattr -El inet0
authm         65536                            Authentication Methods              True
bootup_option no                               Use BSD-style Network Configuration True
gateway                                        Gateway                             True
hostname      prdsap1                          Host Name                           True
rout6                                          IPv6 Route                          True
route         net,-hopcount,0,,0,172.16.80.100 Route                               True

# 11  
Old 02-20-2020
Actually, I did not ask you for a polished, full blown, network diagram.

I asked you:

Quote:
Maybe you can draw a picture of your network and upload the image as an attachment so we can take a look?
If you cannot take a piece of paper and a pencil (or your favorite drawing tool) and depict the network you are working, there is little hope to solving a networking / routing issue.
# 12  
Old 02-20-2020
I'm lost. You


- traceroute and ping 203.112.144.202
- ftp to 164.52.194.12
- ftp to 172.16.80.80 (which, in turn, is taken as source when pinging)


Pls tell us which is the PC, the AIX machine, and the ftp server? Does a route from either to ftp exist?



BTW, the port 20 does not seem to be open, from your netstat output.
# 13  
Old 02-20-2020
Hi,

Apologies for the confusion. Let me clarify

AIX Server on the local LAN -> Ip address : 172.16.80.80

My workstation on the local LAN -> Ip address : 172.16.80.85

FTP server which is hosted on cloud> Ip address : 164.52.194.12

Connection from my workstation to the FTP server

Code:
Windows PowerShell
Copyright (C) 2015 Microsoft Corporation. All rights reserved.

PS C:\Users\LINC> ftp
ftp> open 164.52.194.12
Connected to 164.52.194.12.
220 Microsoft FTP Service
200 OPTS UTF8 command successful - UTF8 encoding now ON.
User (164.52.194.12:(none)): saplincpen
331 Password required
Password:

Status : Successful

Connection from AIX server to FTP server

Code:
# ping 164.52.194.12
PING 164.52.194.12: (164.52.194.12): 56 data bytes
203 packets transmitted, 0 packets received, 100% packet loss

Code:
# traceroute 164.52.194.12
trying to get source for 164.52.194.12
source should be 172.16.80.80
traceroute to 164.52.194.12 (164.52.194.12) from 172.16.80.80 (172.16.80.80), 30 hops max
outgoing MTU = 1500
 1  * * *
 2  * * *
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *
 8  * * *
 9  * * *

Status : Unsuccessful.

Regarding port 20, here is the output

Code:
# netstat -an | grep -i listen | grep -E "20"
tcp        0      0  *.2049                 *.*                    LISTEN
tcp4       0      0  *.3200                 *.*                    LISTEN
#


Regards,
Bruno

--- Post updated at 01:10 PM ---

Moderator's Comments:
Mod Comment External / broken img link deleted. Go "advanced" here and upload attachment to the forums.
# 14  
Old 02-20-2020
Looks like there's no route to host, an port 20 is not open.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Not able to connect to new FTP server

Hi All, We have done new FTB setup. I am not able to to connect to this new target server. Here is the new setup to send files to the FTB : - Login : FTB-TAN-DEV-SAP - Protocol : SFTP - Port : 54322 - Hostname : ftb-dev.apj.hp - Env : DEV - Target ID : 3225 I tried connecting to the... (5 Replies)
Discussion started by: ROCK_PLSQL
5 Replies

2. Solaris

Unable to connect sun server.

Hi, I am unable to connect sun server, server model is sun fire v440 on server 2 ports are there. serial management, and network management. I would like to know how to connect serial port if I dont have com port on my system? and on Network Management no ip address is configured. ... (2 Replies)
Discussion started by: manoj.solaris
2 Replies

3. Linux

Unable to connect to Server machine from a client machine using ftp service

Hi, Could you please help me with the below issue.. I'm running RHEL6 OS on both server (192.168.0.10) and client machines (192.168.0.1). I'm trying to connect to server from the client machine using ftp service. I have installed vsftpd daemon on both the machines. I'm getting... (4 Replies)
Discussion started by: raosr020
4 Replies

4. UNIX for Advanced & Expert Users

Public key to connect from one ftp server to other server

How to generate public key to connect from one ftp server to other server to use in scripting. (1 Reply)
Discussion started by: sridhardwh
1 Replies

5. Linux

Generate public key to connect from one ftp server to other server

How to generate public key to connect from one ftp server to other server to use in scripting. (0 Replies)
Discussion started by: sridhardwh
0 Replies

6. Red Hat

unable to connect remote server using ssh

hi all i am unable to connect remote server using ssh but i am able to ping the server ssh service is running. (5 Replies)
Discussion started by: nikhil kasar
5 Replies

7. UNIX for Advanced & Expert Users

Unable to use FTP command to connect from one server to another

Hi, I have two unix servers A and B. from A i am trying to use the ftp command to connect to B but I am getting the "ftp: connect: A remote host refused an attempted connect operation." I checked the following things : 1.) Unix Server details for A and B after running the command uname -a... (3 Replies)
Discussion started by: mick_000
3 Replies

8. HP-UX

[Solved] Unable to rename file in ftp server .Net:FTP perl

Hello All, I am trying to connect to ftp server and get the files. Also i need to rename the file in other ftp dir. rename method is not allowing me to rename the file in other dir. When i tried copy command by using net::FTP:FILE then perl says it is not installed. Can some body help me to... (2 Replies)
Discussion started by: krsnadasa
2 Replies

9. AIX

Unable to connect to AIX server through xmanager

Hi, I have xmanager installed on my windows PC. But I am not able to connect to AIX server. It's giving the error as follows: The X11 forwarding request was rejected. Graphics mode is not coming up in AIX server. Please help as I have to install oracle patchset urgently. (1 Reply)
Discussion started by: dwiravi
1 Replies

10. Shell Programming and Scripting

ftp script not able to connect to ftp server.

I have the following ftp script to get files from a remote location. However, on running the script I find that I am not even able to connect to ftp server. I am able to connect to ftp server using other GUI ftp tools like WS_FTP using the same IP. IP used here is a dummy IP. What can go... (3 Replies)
Discussion started by: gram77
3 Replies
Login or Register to Ask a Question