426 Connection closed; transfer aborted. Error #10057
During a data-transfer (directory-listings or file-transfers), the control-connection (tcp/ip default 21, used to login and issue commands) is IDLE.
When this control-connection is IDLE, other pieces of networking-equipment between yourself and the ftp-client could choose to close idle connections with a function called “Inactivity Timeout”. This “Inactivity Timeout” can be found in the ftp-client’s first hop to the internet (their wifi/nat router), it could be found in the upstream routers through their ISPs, it can also be found in your own first-hop to the internet. Basically they are everywhere, but the first place is to set this value in your own hardware that provides routing to the internet (example below).
To combat this, the NOOP command (aka Keep-Alive) was made for ftp-clients in the RFC spec. During lengthy transfers, the ftp-client needs to send a NOOP command across the ftp-control-connection; this will keep the connection active with periodic “chatter”.
However, this also prevents ftp-clients from accessing your installation of BulletProof FTP Server 2011 unless you “open the firewall” to allow access. This means, you must open at least two ports; one for the control-connect and 1 (one) data-port for every concurrent connection to the ftp-server.
NOTE: It’s very common for people to think that only 1 (ONE) port is needed for FTP (default tcp/ip port 21). However, this is NOT the case as you need to define data-ports in order to support Passive-Mode (PASV).
LASTLY: Be sure to run your installation through our Firewall Tester. After providing the IP/Host, Port, User and Password for your installation, this tester will simulate a ftp-user can connect to your BPFTP Server. Please use it! http://bpftpserver.com/products/bpftpserver/windows/test/firewall
NOTE: If you are running any Anti-Virus or Internet-Security software on your computer (McAfee, Norton, etc) you may also be protected by yet-another-software-based-firewall. Please consult the documentation that came with your software for opening up firewall-ports.
NOTE: Almost everyone has a hardware-based NAT/Firewall router in their network topology. For Home Users, this is usually your WiFi-Router. Please look into the documentation that came with your hard-based NAT/Firewall router for information on opening firewall-ports.
Step-by-Step Directions
Step #1.1: BPFTP Server - NAT/Firewall Configuration Step #1.2: BPFTP Server - Use DNS for PASV Step #1.3: BPFTP Server - Use Static IP for PASV Step #1.4: BPFTP Server - Configure Data-Ports Back to Top
2) Open the Windows Firewall up for the BPFTP Server 2011 Step 2.0: Open Windows Firewall Step 2.1 Create New Firewall-Rule Step 2.2: Choose Firewall-Rule Type Step 2.3: Browse for Program Step 2.4: Choose Program-Path Step 2.5: Confirm Program-Path Step 2.6: Choose Allow Step 2.7: Select Firewall Domain Step 2.8: Name Firewall-Rule Back to Top
3) Open the Windows Firewall up for the Control-Connection Step 3.0: Open Windows Firewall Step 3.1: Create New Firewall-Rule Step 3.2: Choose Firewall-Rule Type Step 3.3: Specify Port for Control-Connection Step 3.4: Choose Allow Step 3.5: Select Firewall Domains Step 3.6: Name Firewall-Rule Back to Top
Using this tool, you can instruct our website to perform a test connection back to your computer running BulletProof FTP Server for Windows.
Starting with Windows XP Service Pack 2, software-based firewalls have become a standard feature to help protect your computer from hackers on the internet.
Going a step further, if your computer is connected to a DSL/Cable modem or Wi-Fi, your computer has been further protected with a more-secure and robust hardware-based firewall. But with this additional protection, comes the need for you to be knowledgable enough to configure these devices to allow BulletProof FTP Server for Windows to be accessible from outside your firewall.
This tool will allow you to test port-forwarding rules setup on your firewall for both the control and data connections and will aid in the determination of your passive (PASV) or port (PORT) mode support.
