Archive for Uncategorized

Command-line Passive FTP – Dreaded 150 Opening ASCII mode data connection.

I hope I can save someone some time with this.  I had to create some simple batch scripts to move some files around to different servers in geographical locations, fair enough.  I configured two without issue, but then my script ran into a problem, it would hang on the ‘ls’ command when testing at 150 Opening ASCII mode data connection.

It all boiled down to the inability for the default FTP command-line program to connect passively to an FTP server.  I could connect fine using Windows Explorer, which has passive mode enabled within IE and also via WinSCP with passive enabled also.  The annoying thing was that I had complete control over the FTP servers I was connecting to, so I went about trying to troubleshoot the server rather than the client side….!

After finally figuring this out, I went in search of a command-line solution, and found one in the form of NCFTP( of which I just needed NCFTPPut ( of which I just downloaded the pre-complied Windows binaries and grabbed out NCFTPPut.exe from its installation destination to where I needed it in my batch script, yes I could have just left it there but didn’t.  And a couple of simple commands later, Passive FTP via the command line for use in a batch script! Example of the syntax I used below:

ncftpput.exe -u username-p password ftpserveraddress destinationfolder sourcefolder

As easy as that… 🙂 I hope it saves someone else hours of troubleshooting.

Testing SSL Ciphers

Stumbled across a sweet Windows port for SSLScan:

Extremely useful when testing out 256-bit SSL on IIS 7.5 🙂

FTP in IIS 7.5 – Firewalled and Not

We have hosted infrastructure in the US and UK which both needed FTP access.  Previously FTP in IIS has been pretty straightforward, but given the setup of each environment FTP was going to be an issue.

I found the following walkthrough given by Microsoft, as we were using Windows Server 2008 R2, the installation of the additional module can be ignored:

The one caveat for me given our environment was the step whereby you specify the ‘External IP Address of Firewall’, for the environment behind a load balancer, this must be specified.  When behind a firewall, at least in our instance, nothing should be specified.

The symptoms of issues were being able to log into the FTP server, but then not being able to list the directory, in both passive and active modes on the client side, it would just time out.

So if you’re seeing a timeout when you list directory from your FTP client connecting to an IIS 7.5 FTP server, tweak the settings specified in the link above.  In both cases, I had to specify a data channel port range.

Dell EqualLogic Multipathing Extension Module – Deleting existing vSwitch

When removing an existing iSCSIvSwitch created using the MEM module setup, you will need to remove the stagnant VMkernel bindings with the existing physical NICs.

This is done by SSH-ing into the ESX host and running the following command:

esxcli swiscsi nic remove –n <vmk_interface> –d <vmhba_device>

You can determine which vmk_interface is associated with which physical NIC and associated vmbha, by running the following command:

esxcli swiscsi nic list –d <vmhba_device>

Once this has been done, you can follow the process of creating the iSCSIvSwitch using the MEM Module.

Simple process that held me up for a while, reference link: