FTP Client cannot open data connection



The FTP Client is installed on a brand new Windows 2003 computer hosted by
an ISP.
As you can see from the dialog below it cannot open data connection. This
happens with all FTP sites I tried to contact.
Could you help?
Thanks and Best regards,

! Connecting to ftp.microsoft.com...
< 220 Microsoft FTP Service
USER anonymous
< 331 Anonymous access allowed, send identity (e-mail name) as password.
PASS (hidden)
< 230-This is FTP.Microsoft.Com.
< 230 Anonymous user logged in.
SYST < 215 Windows_NT
< 257 "/" is current directory.
< 227 Entering Passive Mode (207,46,133,140,62,22).
< 425 Can't open data connection.
< 257 "/" is current directory.
< 227 Entering Passive Mode (207,46,133,140,62,26).
< 425 Can't open data connection.
! Unable to connect to ftp.microsoft.com! (425 Can't open data connection.)
< 421 Timeout (30 seconds): closing control connection.
< 421 Terminating connection.


Hi Dan,
Looking at the connection string I see the Port 21 control channel
connection from your client to the micorsoft FTP server and the
authenication request. Then the user and password being sent and excepted
and the control channel connection being established. Your client then
issues a control syst command, then an PASV list command. The microsoft FTP
server then follows thru with a passive mode request for your client to make
a second connection to the server (this is the data channel) to
"" this is microsofts FTP servers IP address and it's
listening on port 15894 for your client to make the second connection. So
far this is consitant with FTP passive mode connection. However your client
never makes the connection so data cannot be moved (the list command).
Microsofts FTP server then issues a 425 ERROR on the control channel (port
21) and issues a second request for your client to make a connection on
"", but again your client dose not make the connection,
so no data channel is opened and again the FTP server throws another 425
ERROR, and the port 21 control channel times out and is closed by the
Anyway either of two things are happining, the client is attempting to
make the second connection on port 15894, and then a second time on port
15898 and it is being bloked, or the client is not doing anything with the
second connection. If you are using IE as the client, there was a known
issue that sometimes it could issue a command to an FTP server and not
interpet it's own command, so it didn't follow thru, but this was on older
versions. The one thing to check if it is IE that your using is to properly
set it for PASSIVE MODE you have to make two changes in IE properties. One
is the obvious, place a check next USE PASV FTP, but the other one above it
also needs to be UNCHECKED where it says use FOLDER VIEW FOR FTP.
As far as the rest of your system, (the TCP/IP stack) it must be OK
since it make the CONTROL connection all right.


Problem Solved!

In IPSec console | IP Security Policies on local computer | Packet Filter
Properties | Block All was checked.

I unchecked it and... magic!

Aug 18, 2009
Reaction score
I have been trying to access a Siebel webserver and getting following error in cute ftp can any one help me



STATUS:> [8/18/2009 1:39:20 PM] Getting listing ""...
STATUS:> [8/18/2009 1:39:20 PM] Connecting to FTP server... (ip =

STATUS:> [8/18/2009 1:39:20 PM] Socket connected. Waiting for welcome message...

[8/18/2009 1:39:20 PM] 220 srmwbs02 FTP server (Version Tue Jul 29 07:36:52 GMT 2008) ready.

STATUS:> [8/18/2009 1:39:20 PM] Connected. Authenticating...

COMMAND:> [8/18/2009 1:39:20 PM] USER sbladm

[8/18/2009 1:39:20 PM] 331 Password required for sbladm.

COMMAND:> [8/18/2009 1:39:20 PM] PASS *****

[8/18/2009 1:39:20 PM] 230 User sbladm logged in.

STATUS:> [8/18/2009 1:39:20 PM] Login successful.

COMMAND:> [8/18/2009 1:39:20 PM] PWD

[8/18/2009 1:39:20 PM] 257 "/home/sbladm" is current directory.

STATUS:> [8/18/2009 1:39:20 PM] Home directory: /home/sbladm

COMMAND:> [8/18/2009 1:39:20 PM] FEAT

[8/18/2009 1:39:20 PM] 500 'FEAT': command not understood.

STATUS:> [8/18/2009 1:39:20 PM] This site doesn't support the 'features' command.

COMMAND:> [8/18/2009 1:39:20 PM] REST 100

[8/18/2009 1:39:20 PM] 350 Restarting at 100. Send STORE or RETRIEVE to initiate transfer.

STATUS:> [8/18/2009 1:39:20 PM] This site can resume broken downloads.

COMMAND:> [8/18/2009 1:39:20 PM] REST 0

[8/18/2009 1:39:20 PM] 350 Restarting at 0. Send STORE or RETRIEVE to initiate transfer.

COMMAND:> [8/18/2009 1:39:20 PM] PORT 10,53,241,33,12,8

[8/18/2009 1:39:20 PM] 200 PORT command successful.

COMMAND:> [8/18/2009 1:39:20 PM] NLST

ERROR:> [8/18/2009 1:40:20 PM] Timeout (60000 ms) occurred on receiving server response.


