"425 Can't open data connection" - Bug in XP?

[Yong-Kwang Goh]

I've been frustrated by the 425 Can't open data connection
message when trying to list (ls) the content of a FTP
server directory after logging in successfully.

After encountering the same problem for 2 FTP servers
(from Tripod and Websamba) I grew suspicious that the
problem lies with my computer rather than the
server/network setup.

Firstly, I disable the Internet Connection Firewall for
all my dialup and Ethernet connections, thinking it's the
firewall which is preventing the FTP data connection from
being made successfully. It doesn't help.

I also remove the proxy server setting for FTP connection
in IE6.

Then I also disable the IIS 5.1 server for XP Professional.

Nothing helps. I thus ran a test to connect to the same
FTP servers and do a directory listing on the same dialup
connection on an old PC which is running on Windows 98. It
works perfectly fine; no 425 error using the same command
line Windows FTP utility. The directory content was listed
without a hitch. This confirms that it is a problem with
XP.

Below is a dump of netstat -a:
Active Connections

Proto Local Address Foreign Address
State
TCP u0206397:epmap u0206397.stu.nus.edu.sg:0
LISTENING
TCP u0206397:microsoft-ds u0206397.stu.nus.edu.sg:0
LISTENING
TCP u0206397:1025 u0206397.stu.nus.edu.sg:0
LISTENING
TCP u0206397:1031 u0206397.stu.nus.edu.sg:0
LISTENING
TCP u0206397:5000 u0206397.stu.nus.edu.sg:0
LISTENING
TCP u0206397op3 u0206397.stu.nus.edu.sg:0
LISTENING
UDP u0206397:epmap *:*
UDP u0206397:microsoft-ds *:*
UDP u0206397:isakmp *:*
UDP u0206397:1037 *:*
UDP u0206397:1093 *:*
UDP u0206397:4500 *:*
UDP u0206397:ntp *:*
UDP u0206397:1050 *:*
UDP u0206397:1900 *:*
UDP u0206397:10001 *:*
UDP u0206397:62515 *:*
UDP u0206397:62517 *:*
UDP u0206397:62519 *:*
UDP u0206397:62521 *:*
UDP u0206397:62523 *:*
UDP u0206397:62524 *:*
UDP u0206397:ntp *:*
UDP u0206397:1900 *:*

 

[Curt]

I've been frustrated by the 425 Can't open data connection
message when trying to list (ls) the content of a FTP
server directory after logging in successfully.

Try using an FTP client that can use "Passive" mode rather than "Active"
mode. See below.

"When you connect to an FTP server using the Windows NT or Windows 2000
command-line FTP client and issue a quote <command>, the next command that
you issue may generate a 425 Can't open data connection error.

When an active mode FTP client passes a command to a FTP server, the client
passes a port on which it listens for a server response. If the client
sends a command that does not require a data port, it doesn't send one.

FTP clients can pass the server commands that they do not interpret. These
commands use the quote <command> syntax. The client sends these commands
without a listen port for the data, so the server generates the 425 error
if a port is required.

The ls command requires a listen port, and therefore sends one. The Quote
command doesn't send a port, so Quote ls generates a 425 error.

The Windows FTP client does not support passive mode, so it always needs to
send a port when issuing a command that returns data."

 

[Yong-Kwang Goh]

Well. Although the Windows FTP client purportedly doesn't
support PASV, I tried out the command:
---
QUOTE PASV
---
And then it goes into passive mode. It says:
---
227 Entering Passive Mode (64,94,17,69,4,164).
---
Still it doesn't help. If I do a LS, it says:
---
200 command successful
425 Can't open data connection
---

Anyway, the strange thing about the whole 425 error is
this: it used to work fine (using active mode) on my same
computer under XP when it was shipped to me new. Then
perhaps after 5 months of use and a cascading series of
Windows updates and software installation and tweaking of
settings, somehow now the FTP doesn't work. Previously, I
don't even have to twiddle with firewall settings or FTP
passive mode.

And an even stranger aspect is that it works on Win98 in
active mode but not on XP. Strange indeed.

 

[Curt]

Well. Although the Windows FTP client purportedly doesn't
support PASV, I tried out the command:
---
QUOTE PASV
---
And then it goes into passive mode. It says:
---
227 Entering Passive Mode (64,94,17,69,4,164).
---
Still it doesn't help. If I do a LS, it says:
---
200 command successful
425 Can't open data connection
---

Anyway, the strange thing about the whole 425 error is
this: it used to work fine (using active mode) on my same
computer under XP when it was shipped to me new. Then
perhaps after 5 months of use and a cascading series of
Windows updates and software installation and tweaking of
settings, somehow now the FTP doesn't work. Previously, I
don't even have to twiddle with firewall settings or FTP
passive mode.

And an even stranger aspect is that it works on Win98 in
active mode but not on XP. Strange indeed.

I do not think that the XP native ftp does pasv mode. Try using your IE in
pasv mode to ftp.

Most FTP clients (except XP's native FTP), including Web browsers like
Internet Explorer, support a PASV FTP option.

To set the PASV option in Internet Explorer, check the "Use Passive FTP"
box in the Advanced tab under Tools/Internet Options.

 

[Goh, Yong Kwang]

I enabled "Use passive FTP" under IE. Still doesn't work; IE will upon
login keep saying "Searching for content" in the status bar. I guess
somehow the TCP/IP stack or some networking s/w in my XP is broken and
a clean XP reinstallation maybe a solution to this mysterious and
thorny problem.

Thanks for your help anyway Curt.

 

[Guest]

I have the same problem. I have tried the above ideas. Nothing has worked. Same results. Contacted ISP, security software folks, web host...If there are any more ideas out there I would love to hear them.

bruce

 

[Guest]

Bruce, did you ever find a solution to this? I'm having exactly the same problem using FTP to my local Linux box. Telnet works fine. Also, FTP from another Win98 machine (using active PORT commands) works without problems. Using WS-FTP with PASV mode enabled also works. I have no firewalls (internal or external) and no NAT.

This is most DEFINITELY a Windows XP problem! I used the debugging mode with the WinXP console program and found that all PORT commands were properly acknowledged by the Linux box as successful, but certain requested ports caused the FTP client to hang waiting for a response. Obviously, the FTP server thought the port was opened successful, but the message never got to the FTP client.

If an MVP or MS rep is monitoring this thread - Please don't say I have to use PASV mode as a solution to this problem. This should only be required when operating behind a firewall, and the WinXP console program doesn't support PASV mode. From the information in this thread and others, it's clear that one of the security updates for WinXP has effectively broken FTP so that data port connections initiated by the server (which is the DEFAULT) don't work correctly anymore. This does NOT comply with RFC 0959, and needs to be fixed.

Ok, I'm done ranting...