Problem about Window Xp SP2 firewall and the buildin FTP c..

Archived from groups: microsoft.public.windowsxp.general (More info?)

Dear Tom,

Sorry for so late to response to your reply on the
newsgroup.

I checked the firewall log, that the firewall drop
several TCP SYN packets that may cause the FTP hand
problem (seems waiting for server to connect to client
for file transfer).

Could you please give me your email address that i
can send the screen capture, firewall log, etc to you.

BTW, I always test the XP SP2 on both my own FTP
server, production FTP server(both IIS 5.0, window
2000 server, service pack 4, with max. connections =
100, 000) and FTP server on IBM AIX. The problem
occurs when firewall is turned on.

The site: ftp2.de.nero.com is a reference site only
that my FTP site is located within my company's
intranet that can't let you try to connect for
testing. Sorry for confusing you.

I think this situation do not happen on individual
PC due to wrong config. or installation problem, since
i have also tested 3 new PCs, preinstalled with XP SP2
(2 HP, 1 IBM), the same problem occurs.

Thank you for your kind attention.
2 answers Last reply
More about problem window firewall buildin
  1. Archived from groups: microsoft.public.windowsxp.general (More info?)

    No idea what you are talking about as you deleted all previous text. It sounds like you need passive FTP. Normal FTP both client and server computers are servers AND clients. One with the data (the server) and one with the control channel (the client).

    Clients connect to servers. In FTP both computers connect to the other. Passive is client to server computers only.

    --
    --------------------------------------------------------------------------------------------------
    http://webdiary.smh.com.au/archives/_comment/001075.html
    =================================================
    "ping" <imperfectluk-wonder@yahoo.com.hk> wrote in message news:1119434529.457239.65120@g47g2000cwa.googlegroups.com...
    > Dear Tom,
    >
    > Sorry for so late to response to your reply on the
    > newsgroup.
    >
    > I checked the firewall log, that the firewall drop
    > several TCP SYN packets that may cause the FTP hand
    > problem (seems waiting for server to connect to client
    > for file transfer).
    >
    > Could you please give me your email address that i
    > can send the screen capture, firewall log, etc to you.
    >
    > BTW, I always test the XP SP2 on both my own FTP
    > server, production FTP server(both IIS 5.0, window
    > 2000 server, service pack 4, with max. connections =
    > 100, 000) and FTP server on IBM AIX. The problem
    > occurs when firewall is turned on.
    >
    > The site: ftp2.de.nero.com is a reference site only
    > that my FTP site is located within my company's
    > intranet that can't let you try to connect for
    > testing. Sorry for confusing you.
    >
    > I think this situation do not happen on individual
    > PC due to wrong config. or installation problem, since
    > i have also tested 3 new PCs, preinstalled with XP SP2
    > (2 HP, 1 IBM), the same problem occurs.
    >
    > Thank you for your kind attention.
    >
  2. Archived from groups: microsoft.public.windowsxp.general (More info?)

    David,
    Below are all the previous text..
    >>>>======================================
    Problem about Window Xp SP2 firewall and the buildin FTP command
    All 10 messages in topic - view as tree

    msnews.microsoft.com Jun 5, 12:15 am show options
    Newsgroups: microsoft.public.windowsxp.general
    From: "msnews.microsoft.com" <1...@1.com> - Find messages by this
    author
    Date: Sun, 5 Jun 2005 00:15:17 +0800
    Local: Sun,Jun 5 2005 12:15 am
    Subject: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Report Abuse

    Hi,
    I find a problem that if running multiple FTP command at the same
    time,
    the FTP will get hang
    when issuing the get command if the buildin firewall in on (already add
    ftp.exe program to the exception list).

    Steps to reproduce the problem:
    1. open multiple DOS shell(cmd.exe) (say 5)
    2. on each DOS shell, type ftp -s:abc.txt (where abc is a file that
    contain
    ftp command to get several files) but don't press enter.
    3. press enter to run the ftp commands, one by one quickly at same
    time.
    4. the problem will occur that after issuing the get command, the ftp
    hang!!

    Is it that the buildin firewall can't handle too many connection at the
    same
    time?
    I check the event log, no strange or useful event generated.

    Can anybody tell how can i solve it?
    (as one of my program will execute ftp.exe many time at the same time!)

    Reply


    Carey Frisch [MVP] Jun 5, 12:32 am show options
    Newsgroups: microsoft.public.windowsxp.general
    From: "Carey Frisch [MVP]" <cnfri...@nospamgmail.com> - Find messages
    by this author
    Date: Sat, 4 Jun 2005 11:32:49 -0500
    Local: Sun,Jun 5 2005 12:32 am
    Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Report Abuse

    Windows XP SP2 to limit Max Connections/sec
    http://www.msfn.org/print.php?id=9017

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User
    Microsoft Newsgroups

    Get Windows XP Service Pack 2 with Advanced Security Technologies:
    http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

    -------------------------------------------------------------------------------------------

    "msnews.microsoft.com" wrote:

    |

    - Hide quoted text -
    - Show quoted text -
    Hi,
    | I find a problem that if running multiple FTP command at the same
    time,
    | the FTP will get hang
    | when issuing the get command if the buildin firewall in on (already
    add
    | ftp.exe program to the exception list).
    |
    | Steps to reproduce the problem:
    | 1. open multiple DOS shell(cmd.exe) (say 5)
    | 2. on each DOS shell, type ftp -s:abc.txt (where abc is a file that
    contain
    | ftp command to get several files) but don't press enter.
    | 3. press enter to run the ftp commands, one by one quickly at same
    time.
    | 4. the problem will occur that after issuing the get command, the ftp
    hang!!
    |
    | Is it that the buildin firewall can't handle too many connection at
    the same
    | time?
    | I check the event log, no strange or useful event generated.
    |
    | Can anybody tell how can i solve it?
    | (as one of my program will execute ftp.exe many time at the same time

    !)

    Reply


    Detlev Dreyer Jun 5, 12:50 am show options
    Newsgroups: microsoft.public.windowsxp.general
    From: "Detlev Dreyer" <detdre...@flashmail.com> - Find messages by this
    author
    Date: Sat, 04 Jun 2005 16:50:00 GMT
    Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Report Abuse

    "msnews.microsoft.com" wrote:
    > Is it that the buildin firewall can't handle too many connection at the
    > same time?

    Not really.
    http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2net...

    > I check the event log, no strange or useful event generated.

    | Limited number of simultaneous incomplete outbound TCP connection
    | attempts
    | ...
    | When it does occur, a new event, with ID 4226, appears in the
    system's
    | event log.

    --
    d-d

    Reply


    Tom Che [MSFT] Jun 6, 5:26 pm show options
    Newsgroups: microsoft.public.windowsxp.general
    From: v-tom...@online.microsoft.com (Tom Che [MSFT]) - Find messages by
    this author
    Date: Mon, 06 Jun 2005 09:26:10 GMT
    Local: Mon,Jun 6 2005 5:26 pm
    Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Report Abuse

    Hi,

    Thanks for posting here. Also thanks for Carey and Detlev's kindly
    reply.

    >From your post, my understanding of this issue is: If you keep Windows
    Firewall enabled and run multiple FTP command at the same time, the FTP
    will get hang. If this is not correct, please feel free to let me
    know.

    Based on your description, I cannot reproduce this issue on my
    computer.
    However, you may refer to our MVP's suggestion - modify the Registry
    (TcpNumConnections) or run "netsh winsock reset" to repair Winsock and
    TCP/IP, and then test this issue. If this issue persists, please let
    me
    know the following information if you need any further assistance:

    1. Are you sure this issue will disappear if you turn off the Windows
    Firewall?

    2. Does this issue occur on other computers?

    3. Have you tried to use third-party FTP application to do a same test?

    Have a nice day!

    Sincerely,

    Tom Che

    Microsoft Online Partner Support
    Get Secure! - www.microsoft.com/security
    =====================================================
    When responding to posts, please "Reply to Group" via your newsreader
    so
    that others may learn and benefit from your issue.
    =====================================================
    This posting is provided "AS IS" with no warranties, and confers no
    rights.

    --------------------

    - Hide quoted text -
    - Show quoted text -
    >Message-ID: <55afd3663f84728f1e16e7b279ce9...@d-d.mvps.org>
    >Date: Sat, 04 Jun 2005 16:50:00 GMT
    >From: "Detlev Dreyer" <detdre...@flashmail.com>
    >Organization: Not responsible
    >Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    >References: <e#EUYCSaFHA....@TK2MSFTNGP10.phx.gbl>
    >X-Comment: MS-MVP Germany
    >X-Importance: Normal
    >X-Priority: 3
    >Content-Type: text/plain; charset=ISO-8859-1
    >Content-Transfer-Encoding: 8bit
    >Lines: 17
    >Newsgroups: microsoft.public.windowsxp.general
    >NNTP-Posting-Host: ACB1D506.ipt.aol.com 172.177.213.6
    >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
    >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.general:401625
    >X-Tomcat-NG: microsoft.public.windowsxp.general

    >"msnews.microsoft.com" wrote:

    >> Is it that the buildin firewall can't handle too many connection at the
    >> same time?

    >Not really.
    >http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2net...

    x#

    - Hide quoted text -
    - Show quoted text -
    EIAA

    >> I check the event log, no strange or useful event generated.

    >| Limited number of simultaneous incomplete outbound TCP connection
    >| attempts
    >| ...
    >| When it does occur, a new event, with ID 4226, appears in the system's
    >| event log.

    >--
    >d-d

    Reply


    a ms user Jun 7, 12:14 am show options
    Newsgroups: microsoft.public.windowsxp.general
    From: "a ms user" <1...@1.com> - Find messages by this author
    Date: Tue, 7 Jun 2005 00:14:48 +0800
    Local: Tues,Jun 7 2005 12:14 am
    Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Report Abuse

    Dear Tom,
    Thanks for your reply.
    ***IN order to reproduce the error, you should press the ENTER key
    very
    FAST!!! ***
    I'm now at home without XP SP2, so can't modify the
    tcpnumconnections or
    try netsh....
    i will try them tomorrow at office.

    Some ans. for your points:
    1. Up to now, i try many times, this situation only occur when
    firewall
    is on.
    2. I think this issue should happen on other computers, as i can
    reproduce this error on 3 other XP SP2 workstations.
    (2 desktops, 1 notebook)
    3. Haven't try third party FTP software. But ever try using
    window's
    file explorer to down many files at the same time, no
    problem occur!!!!

    Today, in office, i run the ftp command in debug mode (issue
    command
    debug), after issue a get command,
    i compare the message PORT IP_address,port(e.g. PORT
    192,168,11,1,1,252) and
    the pfirewall.log (locate at
    c:\windows) that no connection to such port (1252?) is established,
    instead
    many ports larger 5000, are used for
    data transfer.....do the firewall do some port-forwarding activities?

    BTW, today, i write a simple ftp program (using function
    FTPgetfileA,in
    wininet.dll, to get files), the problem
    occur too..

    Don't know if this problem cause by firewall or limit of tcp
    connection
    ...
    PS: i check the event log that no event of event id 4226 (generated
    when
    exceed 10 simantenous
    outgoing connection).

    Tom, please follow the steps mentioned again to reproduce the
    error.
    THANK YOU FOR YOUR KIND ATTENTION AND HELP.

    below is a sample of the ftp command files:
    --------------------------------------------------------
    open ftp2.de.nero.com
    anonymous
    1...@1.com
    get iomega.zip
    get gear.zip
    get iomega.zip
    get gear.zip
    get iomega.zip
    get gear.zip
    get iomega.zip
    get gear.zip
    quit
    --------------------------------------------------------

    "Tom Che [MSFT]" <v-tom...@online.microsoft.com> ¦b¶l¥ó
    news:Zm9lJnnaFHA.3336@TK2MSFTNGXA01.phx.gbl ¤¤¼¶¼g....

    - Hide quoted text -
    - Show quoted text -
    > Hi,

    > Thanks for posting here. Also thanks for Carey and Detlev's kindly reply.

    > From your post, my understanding of this issue is: If you keep Windows
    > Firewall enabled and run multiple FTP command at the same time, the FTP
    > will get hang. If this is not correct, please feel free to let me know.

    > Based on your description, I cannot reproduce this issue on my computer.
    > However, you may refer to our MVP's suggestion - modify the Registry
    > (TcpNumConnections) or run "netsh winsock reset" to repair Winsock and
    > TCP/IP, and then test this issue. If this issue persists, please let me
    > know the following information if you need any further assistance:

    > 1. Are you sure this issue will disappear if you turn off the Windows
    > Firewall?

    > 2. Does this issue occur on other computers?

    > 3. Have you tried to use third-party FTP application to do a same test?

    > Have a nice day!

    > Sincerely,

    > Tom Che

    > Microsoft Online Partner Support
    > Get Secure! - www.microsoft.com/security
    > =====================================================
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    > =====================================================
    > This posting is provided "AS IS" with no warranties, and confers no
    rights.

    > --------------------
    > >Message-ID: <55afd3663f84728f1e16e7b279ce9...@d-d.mvps.org>
    > >Date: Sat, 04 Jun 2005 16:50:00 GMT
    > >From: "Detlev Dreyer" <detdre...@flashmail.com>
    > >Organization: Not responsible
    > >Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    > command
    > >References: <e#EUYCSaFHA....@TK2MSFTNGP10.phx.gbl>
    > >X-Comment: MS-MVP Germany
    > >X-Importance: Normal
    > >X-Priority: 3
    > >Content-Type: text/plain; charset=ISO-8859-1
    > >Content-Transfer-Encoding: 8bit
    > >Lines: 17
    > >Newsgroups: microsoft.public.windowsxp.general
    > >NNTP-Posting-Host: ACB1D506.ipt.aol.com 172.177.213.6
    > >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
    > >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.general:401625
    > >X-Tomcat-NG: microsoft.public.windowsxp.general

    > >"msnews.microsoft.com" wrote:

    > >> Is it that the buildin firewall can't handle too many connection at the
    > >> same time?

    > >Not really.

    >http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2net...
    > x#EIAA

    > >> I check the event log, no strange or useful event generated.

    > >| Limited number of simultaneous incomplete outbound TCP connection
    > >| attempts
    > >| ...
    > >| When it does occur, a new event, with ID 4226, appears in the system's
    > >| event log.

    > >--
    > >d-d

    Reply


    a ms user Jun 7, 12:27 am show options
    Newsgroups: microsoft.public.windowsxp.general
    From: "a ms user" <1...@1.com> - Find messages by this author
    Date: Tue, 7 Jun 2005 00:27:22 +0800
    Local: Tues,Jun 7 2005 12:27 am
    Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Report Abuse

    sorry make a mistake about the interpretation of message PORT
    192,168,11,1,1,252
    actually i don't know if the port stand for 1252 or 508 --> 1 1111 1100
    (binary) or 64513 --> 1111 1100 0000 0011
    but no matter which intrepretation, do not exist in the firewall log (i
    setup to log successful connection)
    thanks
    "a ms user" <1...@1.com> ¦b¶l¥ó
    news:eT2IcLraFHA.3272@TK2MSFTNGP10.phx.gbl ¤¤¼¶
    ¼g...

    - Hide quoted text -
    - Show quoted text -
    > Dear Tom,
    > Thanks for your reply.
    > ***IN order to reproduce the error, you should press the ENTER key
    very
    > FAST!!! ***
    > I'm now at home without XP SP2, so can't modify the tcpnumconnections
    or
    > try netsh....
    > i will try them tomorrow at office.

    > Some ans. for your points:
    > 1. Up to now, i try many times, this situation only occur when
    firewall
    > is on.
    > 2. I think this issue should happen on other computers, as i can
    > reproduce this error on 3 other XP SP2 workstations.
    > (2 desktops, 1 notebook)
    > 3. Haven't try third party FTP software. But ever try using window's
    > file explorer to down many files at the same time, no
    > problem occur!!!!

    > Today, in office, i run the ftp command in debug mode (issue command
    > debug), after issue a get command,
    > i compare the message PORT IP_address,port(e.g. PORT 192,168,11,1,1,252)
    and
    > the pfirewall.log (locate at
    > c:\windows) that no connection to such port (1252?) is established,
    instead
    > many ports larger 5000, are used for
    > data transfer.....do the firewall do some port-forwarding activities?

    > BTW, today, i write a simple ftp program (using function
    FTPgetfileA,in
    > wininet.dll, to get files), the problem
    > occur too..

    > Don't know if this problem cause by firewall or limit of tcp
    connection
    > ..
    > PS: i check the event log that no event of event id 4226 (generated
    when
    > exceed 10 simantenous
    > outgoing connection).

    > Tom, please follow the steps mentioned again to reproduce the error.
    > THANK YOU FOR YOUR KIND ATTENTION AND HELP.

    > below is a sample of the ftp command files:
    > --------------------------------------------------------
    > open ftp2.de.nero.com
    > anonymous
    > 1...@1.com
    > get iomega.zip
    > get gear.zip
    > get iomega.zip
    > get gear.zip
    > get iomega.zip
    > get gear.zip
    > get iomega.zip
    > get gear.zip
    > quit
    > --------------------------------------------------------

    > "Tom Che [MSFT]" <v-tom...@online.microsoft.com> ¦b¶l¥ó
    > news:Zm9lJnnaFHA.3336@TK2MSFTNGXA01.phx.gbl ¤¤¼¶¼g...
    > > Hi,

    > > Thanks for posting here. Also thanks for Carey and Detlev's kindly
    reply.

    > > From your post, my understanding of this issue is: If you keep Windows
    > > Firewall enabled and run multiple FTP command at the same time, the FTP
    > > will get hang. If this is not correct, please feel free to let me know.

    > > Based on your description, I cannot reproduce this issue on my computer.
    > > However, you may refer to our MVP's suggestion - modify the Registry
    > > (TcpNumConnections) or run "netsh winsock reset" to repair Winsock and
    > > TCP/IP, and then test this issue. If this issue persists, please let me
    > > know the following information if you need any further assistance:

    > > 1. Are you sure this issue will disappear if you turn off the Windows
    > > Firewall?

    > > 2. Does this issue occur on other computers?

    > > 3. Have you tried to use third-party FTP application to do a same test?

    > > Have a nice day!

    > > Sincerely,

    > > Tom Che

    > > Microsoft Online Partner Support
    > > Get Secure! - www.microsoft.com/security
    > > =====================================================
    > > When responding to posts, please "Reply to Group" via your newsreader so
    > > that others may learn and benefit from your issue.
    > > =====================================================
    > > This posting is provided "AS IS" with no warranties, and confers no
    > rights.

    > > --------------------
    > > >Message-ID: <55afd3663f84728f1e16e7b279ce9...@d-d.mvps.org>
    > > >Date: Sat, 04 Jun 2005 16:50:00 GMT
    > > >From: "Detlev Dreyer" <detdre...@flashmail.com>
    > > >Organization: Not responsible
    > > >Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    > > command
    > > >References: <e#EUYCSaFHA....@TK2MSFTNGP10.phx.gbl>
    > > >X-Comment: MS-MVP Germany
    > > >X-Importance: Normal
    > > >X-Priority: 3
    > > >Content-Type: text/plain; charset=ISO-8859-1
    > > >Content-Transfer-Encoding: 8bit
    > > >Lines: 17
    > > >Newsgroups: microsoft.public.windowsxp.general
    > > >NNTP-Posting-Host: ACB1D506.ipt.aol.com 172.177.213.6
    > > >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
    > > >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.general:401625
    > > >X-Tomcat-NG: microsoft.public.windowsxp.general

    > > >"msnews.microsoft.com" wrote:

    > > >> Is it that the buildin firewall can't handle too many connection at
    the
    > > >> same time?

    > > >Not really.

    >http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2net...
    > > x#EIAA

    > > >> I check the event log, no strange or useful event generated.

    > > >| Limited number of simultaneous incomplete outbound TCP connection
    > > >| attempts
    > > >| ...
    > > >| When it does occur, a new event, with ID 4226, appears in the
    system's
    > > >| event log.

    > > >--
    > > >d-d

    Reply


    Tom Che [MSFT] Jun 7, 9:06 pm show options
    Newsgroups: microsoft.public.windowsxp.general
    From: v-tom...@online.microsoft.com (Tom Che [MSFT]) - Find messages by
    this author
    Date: Tue, 07 Jun 2005 13:06:48 GMT
    Local: Tues,Jun 7 2005 9:06 pm
    Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Report Abuse

    Hi,

    Thanks for your update.

    I have performed a lot of tests, but still have not expected result.
    Please see my tests as below:

    Note:
    ================
    (1). I copy your example ftp command file to a.txt saved in C:\dell
    folder.

    (2). I cannot turn off Windows Firewall, since it is controlled by
    Domain
    Policy in my computer. Therefore, all the tests as below were finished
    with enabled Windows Firewall.

    (3). I cannot add attachment zip file contains 5 JPG files which are
    screenshots in the newsgroup, so please let me know your E-mail and I
    will
    send it to you directly.

    Tests:
    ================
    1. I do followed your instruction, and I opened 6 command windows all
    including the same command "ftp -s:a.txt" under C:\dell. Please see
    1.JPG.

    2. I pressed ENTER on each window as fast as I could (I believed it was
    finished in 2 seconds), then I got the results as 2.JPG. From the
    screenshot, you can see that only 2 windows complete this command
    successfully, but other 4 windows get different errors including
    "Permission denied" and "Not connected". I have repeated step 1 & 2
    about
    a dozen of times, and I got the exactly same results - 2 successes, 3
    "Permission denied" and 1 "Not connected".

    3. I thought there is a better way to run the command at the same time
    -
    using Scheduled Tasks to run 6 same tasks at one time. I edited a
    batch
    file named a.bat containing "ftp -s:c:\dell\a.txt". I added a
    Scheduled
    Task to run "a.bat > ao.txt" as 3.JPG.

    4. I copied a.job to other 5 Task files including b.job, c.job and so
    on.
    I also changed the output file to bo.txt, co.txt and so on. Please see
    4.JPG.

    5. At the scheduled time, these Scheduled Tasks were opened and run
    themselves as expected. After a while, all windows were closed
    automatically (I also noticed the error "Permission denied" appearing
    in
    some windows before close). And then I checked the output files - you
    can
    see the result from 5.JPG - ONLY 2 commands were successful again!
    Other 4
    output files don't contain error information, but obviously they were
    failed.

    ================
    >From above results, I believe this FTP Server (ftp2.de.nero.com) may
    allow
    only 2 sessions from the same IP address simultaneously. Therefore, I
    don't think this issue is related to Windows Firewall, but may be
    caused by
    different network environment or FTP Server. I recommend that you do
    the
    following tests for further troubleshooting:

    1. Perform the multiple FTP commands test on a different network
    environment with enabled and disabled Windows Firewall.

    2. Create a FTP Server by yourself, and make its setting to allow
    multiple
    sessions from one user at the same time. Then try this issue using
    your
    own FTP Server.

    BTW: I cannot find anything useful in my pfirewall.log file, either.

    Hope this helps!

    - Hide quoted text -
    - Show quoted text -
    Have a nice day!
    Sincerely,
    Tom Che

    Microsoft Online Partner Support
    Get Secure
    ! - www
    ..microsoft
    ..com
    /security
    =====================================================
    When
    responding
    to
    posts
    , please
    "Reply
    to
    Group
    " via
    your
    newsreader
    so

    that
    others
    may
    learn
    and
    benefit
    from
    your
    issue
    ..
    =====================================================
    This
    posting
    is
    provided
    "AS
    IS
    " with
    no
    warranties
    , and
    confers
    no
    rights

    ..

    --------------------
    >From: "a ms user" <1...@1.com>
    >References: <e#EUYCSaFHA....@TK2MSFTNGP10.phx.gbl>

    <55afd3663f84728f1e16e7b279ce9...@d-d.mvps.org>
    <Zm9lJnnaFHA.3...@TK2MSFTNGXA01.phx.gbl>
    <eT2IcLraFHA.3...@TK2MSFTNGP10.phx.gbl>

    - Hide quoted text -
    - Show quoted text -
    >Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    >Date: Tue, 7 Jun 2005 00:27:22 +0800
    >Lines: 167
    >X-Priority: 3
    >X-MSMail-Priority: Normal
    >X-Newsreader: Microsoft Outlook Express 6.00.2800.1478
    >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478
    >Message-ID: <uzfXdSraFHA.2...@TK2MSFTNGP14.phx.gbl>
    >Newsgroups: microsoft.public.windowsxp.general
    >NNTP-Posting-Host: 221.124.167.215
    >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP14.phx.gbl
    >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.general:402810
    >X-Tomcat-NG: microsoft.public.windowsxp.general

    >sorry make a mistake about the interpretation of message PORT
    >192,168,11,1,1,252
    >actually i don't know if the port stand for 1252 or 508 --> 1 1111 1100
    >(binary) or 64513 --> 1111 1100 0000 0011
    >but no matter which intrepretation, do not exist in the firewall log (i
    >setup to log successful connection)
    >thanks
    >"a ms user" <1...@1.com> ¦b¶l¥ó news:eT2IcLraFHA.3272@TK2MSFTNGP10.phx.gbl
    ¤¤¼¶
    >¼g...
    >> Dear Tom,
    >> Thanks for your reply.
    >> ***IN order to reproduce the error, you should press the ENTER key
    >very
    >> FAST!!! ***
    >> I'm now at home without XP SP2, so can't modify the tcpnumconnections
    >or
    >> try netsh....
    >> i will try them tomorrow at office.

    >> Some ans. for your points:
    >> 1. Up to now, i try many times, this situation only occur when
    >firewall
    >> is on.
    >> 2. I think this issue should happen on other computers, as i can
    >> reproduce this error on 3 other XP SP2 workstations.
    >> (2 desktops, 1 notebook)
    >> 3. Haven't try third party FTP software. But ever try using window's
    >> file explorer to down many files at the same time, no
    >> problem occur!!!!

    >> Today, in office, i run the ftp command in debug mode (issue command
    >> debug), after issue a get command,
    >> i compare the message PORT IP_address,port(e.g. PORT 192,168,11,1,1,252)
    >and
    >> the pfirewall.log (locate at
    >> c:\windows) that no connection to such port (1252?) is established,
    >instead
    >> many ports larger 5000, are used for
    >> data transfer.....do the firewall do some port-forwarding activities?

    >> BTW, today, i write a simple ftp program (using function
    >FTPgetfileA,in
    >> wininet.dll, to get files), the problem
    >> occur too..

    >> Don't know if this problem cause by firewall or limit of tcp
    >connection
    >> ..
    >> PS: i check the event log that no event of event id 4226 (generated
    >when
    >> exceed 10 simantenous
    >> outgoing connection).

    >> Tom, please follow the steps mentioned again to reproduce the error.
    >> THANK YOU FOR YOUR KIND ATTENTION AND HELP.

    >> below is a sample of the ftp command files:
    >> --------------------------------------------------------
    >> open ftp2.de.nero.com
    >> anonymous
    >> 1...@1.com
    >> get iomega.zip
    >> get gear.zip
    >> get iomega.zip
    >> get gear.zip
    >> get iomega.zip
    >> get gear.zip
    >> get iomega.zip
    >> get gear.zip
    >> quit
    >> --------------------------------------------------------

    >> "Tom Che [MSFT]" <v-tom...@online.microsoft.com> ¦b¶l¥ó
    >> news:Zm9lJnnaFHA.3336@TK2MSFTNGXA01.phx.gbl ¤¤¼¶¼g...
    >> > Hi,

    >> > Thanks for posting here. Also thanks for Carey and Detlev's kindly
    >reply.

    >> > From your post, my understanding of this issue is: If you keep Windows
    >> > Firewall enabled and run multiple FTP command at the same time, the FTP
    >> > will get hang. If this is not correct, please feel free to let me
    know.

    >> > Based on your description, I cannot reproduce this issue on my
    computer.
    >> > However, you may refer to our MVP's suggestion - modify the Registry
    >> > (TcpNumConnections) or run "netsh winsock reset" to repair Winsock and
    >> > TCP/IP, and then test this issue. If this issue persists, please let
    me
    >> > know the following information if you need any further assistance:

    >> > 1. Are you sure this issue will disappear if you turn off the Windows
    >> > Firewall?

    >> > 2. Does this issue occur on other computers?

    >> > 3. Have you tried to use third-party FTP application to do a same test?

    >> > Have a nice day!

    >> > Sincerely,

    >> > Tom Che

    >> > Microsoft Online Partner Support
    >> > Get Secure! - www.microsoft.com/security
    >> > =====================================================
    >> > When responding to posts, please "Reply to Group" via your newsreader
    so
    >> > that others may learn and benefit from your issue.
    >> > =====================================================
    >> > This posting is provided "AS IS" with no warranties, and confers no
    >> rights.

    >> > --------------------
    >> > >Message-ID: <55afd3663f84728f1e16e7b279ce9...@d-d.mvps.org>
    >> > >Date: Sat, 04 Jun 2005 16:50:00 GMT
    >> > >From: "Detlev Dreyer" <detdre...@flashmail.com>
    >> > >Organization: Not responsible
    >> > >Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    >> > command
    >> > >References: <e#EUYCSaFHA....@TK2MSFTNGP10.phx.gbl>
    >> > >X-Comment: MS-MVP Germany
    >> > >X-Importance: Normal
    >> > >X-Priority: 3
    >> > >Content-Type: text/plain; charset=ISO-8859-1
    >> > >Content-Transfer-Encoding: 8bit
    >> > >Lines: 17
    >> > >Newsgroups: microsoft.public.windowsxp.general
    >> > >NNTP-Posting-Host: ACB1D506.ipt.aol.com 172.177.213.6
    >> > >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl
    >> > >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.general:401625
    >> > >X-Tomcat-NG: microsoft.public.windowsxp.general

    >> > >"msnews.microsoft.com" wrote:

    >> > >> Is it that the buildin firewall can't handle too many connection at
    >the
    >> > >> same time?

    >> > >Not really.

    >>http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2net...
    p
    >> > x#EIAA

    >> > >> I check the event log, no strange or useful event generated.

    >> > >| Limited number of simultaneous incomplete outbound TCP connection
    >> > >| attempts
    >> > >| ...
    >> > >| When it does occur, a new event, with ID 4226, appears in the
    >system's
    >> > >| event log.

    >> > >--
    >> > >d-d

    Reply


    ping Jun 21, 6:22 pm show options
    Newsgroups: microsoft.public.windowsxp.general
    From: "ping" <imperfectluk-won...@yahoo.com.hk> - Find messages by this
    author
    Date: 21 Jun 2005 03:22:15 -0700
    Local: Tues,Jun 21 2005 6:22 pm
    Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Remove | Report Abuse

    Dear Tom,

    Sorry for so late to response to your reply on the
    newsgroup.

    I checked the firewall log, that the firewall drop
    several TCP SYN packets that may cause the FTP hand
    problem (seems waiting for server to connect to client
    for file transfer).

    Could you please give me your email address that i
    can send the screen capture, firewall log, etc to you.

    BTW, I always test the XP SP2 on both my own FTP
    server, production FTP server(both IIS 5.0, window
    2000 server, service pack 4, with max. connections =
    100, 000) and FTP server on IBM AIX. The problem
    occurs when firewall is turned on.

    The site: ftp2.de.nero.com is a reference site only
    that my FTP site is located within my company's
    intranet that can't let you try to connect for
    testing. Sorry for confusing you.

    I think this situation do not happen on individual
    PC due to wrong config. or installation problem, since
    i have also tested 3 new PCs, preinstalled with XP SP2
    (2 HP, 1 IBM), the same problem occurs.

    Thank you for your kind attention.

    Tom Che [MSFT] 寫道:

    - Hide quoted text -
    - Show quoted text -
    > Hi,

    > Thanks for your update.

    > I have performed a lot of tests, but still have not expected result.
    > Please see my tests as below:

    > Note:
    > ================
    > (1). I copy your example ftp command file to a.txt saved in C:\dell folder.

    > (2). I cannot turn off Windows Firewall, since it is controlled by Domain
    > Policy in my computer. Therefore, all the tests as below were finished
    > with enabled Windows Firewall.

    > (3). I cannot add attachment zip file contains 5 JPG files which are
    > screenshots in the newsgroup, so please let me know your E-mail and I will
    > send it to you directly.

    > Tests:
    > ================
    > 1. I do followed your instruction, and I opened 6 command windows all
    > including the same command "ftp -s:a.txt" under C:\dell. Please see 1.JPG.

    > 2. I pressed ENTER on each window as fast as I could (I believed it was
    > finished in 2 seconds), then I got the results as 2.JPG. From the
    > screenshot, you can see that only 2 windows complete this command
    > successfully, but other 4 windows get different errors including
    > "Permission denied" and "Not connected". I have repeated step 1 & 2 about
    > a dozen of times, and I got the exactly same results - 2 successes, 3
    > "Permission denied" and 1 "Not connected".

    > 3. I thought there is a better way to run the command at the same time -
    > using Scheduled Tasks to run 6 same tasks at one time. I edited a batch
    > file named a.bat containing "ftp -s:c:\dell\a.txt". I added a Scheduled
    > Task to run "a.bat > ao.txt" as 3.JPG.

    > 4. I copied a.job to other 5 Task files including b.job, c.job and so on.
    > I also changed the output file to bo.txt, co.txt and so on. Please see
    > 4.JPG.

    > 5. At the scheduled time, these Scheduled Tasks were opened and run
    > themselves as expected. After a while, all windows were closed
    > automatically (I also noticed the error "Permission denied" appearing in
    > some windows before close). And then I checked the output files - you can
    > see the result from 5.JPG - ONLY 2 commands were successful again! Other 4
    > output files don't contain error information, but obviously they were
    > failed.

    > ================
    > From above results, I believe this FTP Server (ftp2.de.nero.com) may allow
    > only 2 sessions from the same IP address simultaneously. Therefore, I
    > don't think this issue is related to Windows Firewall, but may be caused by
    > different network environment or FTP Server. I recommend that you do the
    > following tests for further troubleshooting:

    > 1. Perform the multiple FTP commands test on a different network
    > environment with enabled and disabled Windows Firewall.

    > 2. Create a FTP Server by yourself, and make its setting to allow multiple
    > sessions from one user at the same time. Then try this issue using your
    > own FTP Server.

    > BTW: I cannot find anything useful in my pfirewall.log file, either.

    > Hope this helps!

    > Have a nice day!

    > Sincerely,

    > Tom Che

    > Microsoft Online Partner Support
    > Get Secure! - www.microsoft.com/security
    > =====================================================
    > When responding to posts, please "Reply to Group" via your newsreader so
    > that others may learn and benefit from your issue.
    > =====================================================
    > This posting is provided "AS IS" with no warranties, and confers no rights.

    > --------------------
    > >From: "a ms user" <1...@1.com>
    > >References: <e#EUYCSaFHA....@TK2MSFTNGP10.phx.gbl>
    > <55afd3663f84728f1e16e7b279ce9...@d-d.mvps.org>
    > <Zm9lJnnaFHA.3...@TK2MSFTNGXA01.phx.gbl>
    > <eT2IcLraFHA.3...@TK2MSFTNGP10.phx.gbl>
    > >Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    > command
    > >Date: Tue, 7 Jun 2005 00:27:22 +0800
    > >Lines: 167
    > >X-Priority: 3
    > >X-MSMail-Priority: Normal
    > >X-Newsreader: Microsoft Outlook Express 6.00.2800.1478
    > >X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1478
    > >Message-ID: <uzfXdSraFHA.2...@TK2MSFTNGP14.phx.gbl>
    > >Newsgroups: microsoft.public.windowsxp.general
    > >NNTP-Posting-Host: 221.124.167.215
    > >Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP14.phx.gbl
    > >Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windowsxp.general:402810
    > >X-Tomcat-NG: microsoft.public.windowsxp.general

    > >sorry make a mistake about the interpretation of message PORT
    > >192,168,11,1,1,252
    > >actually i don't know if the port stand for 1252 or 508 --> 1 1111 1100
    > >(binary) or 64513 --> 1111 1100 0000 0011
    > >but no matter which intrepretation, do not exist in the firewall log (i
    > >setup to log successful connection)
    > >thanks
    > >"a ms user" <1...@1.com> ¦b¶l¥ó news:eT2IcLraFHA.3272@TK2MSFTNGP10.phx.gbl
    > ¤¤¼¶
    > >¼g...
    > >> Dear Tom,
    > >> Thanks for your reply.
    > >> ***IN order to reproduce the error, you should press the ENTER key
    > >very
    > >> FAST!!! ***
    > >> I'm now at home without XP SP2, so can't modify the tcpnumconnections
    > >or
    > >> try netsh....
    > >> i will try them tomorrow at office.

    > >> Some ans. for your points:
    > >> 1. Up to now, i try many times, this situation only occur when
    > >firewall
    > >> is on.
    > >> 2. I think this issue should happen on other computers, as i can
    > >> reproduce this error on 3 other XP SP2 workstations.
    > >> (2 desktops, 1 notebook)
    > >> 3. Haven't try third party FTP software. But ever try using window's
    > >> file explorer to down many files at the same time, no
    > >> problem occur!!!!

    > >> Today, in office, i run the ftp command in debug mode (issue command
    > >> debug), after issue a get command,
    > >> i compare the message PORT IP_address,port(e.g. PORT 192,168,11,1,1,252)
    > >and
    > >> the pfirewall.log (locate at
    > >> c:\windows) that no connection to such port (1252?) is established,
    > >instead
    > >> many ports larger 5000, are used for
    > >> data transfer.....do the firewall do some port-forwarding activities?

    > >> BTW, today, i write a simple ftp program (using function
    > >FTPgetfileA,in
    > >> wininet.dll, to get files), the problem
    > >> occur too..

    > >> Don't know if this problem cause by firewall or limit of tcp
    > >connection
    > >> ..
    > >> PS: i check the event log that no event of event id 4226 (generated
    > >when
    > >> exceed 10 simantenous
    > >> outgoing connection).

    > >> Tom, please follow the steps mentioned again to reproduce the error.
    > >> THANK YOU FOR YOUR KIND ATTENTION AND HELP.

    > >> below is a sample of the ftp command files:
    > >> --------------------------------------------------------
    > >> open ftp2.de.nero.com
    > >> anonymous
    > >> 1...@1.com
    > >> get iomega.zip
    > >> get gear.zip
    > >> get iomega.zip
    > >> get gear.zip
    > >> get iomega.zip
    > >> get gear.zip
    > >> get iomega.zip
    > >> get gear.zip
    > >> quit
    > >> --------------------------------------------------------

    > >> "Tom Che [MSFT]" <v-tom...@online.microsoft.com> ¦b¶l¥ó
    > >> news:Zm9lJnnaFHA.3336@TK2MSFTNGXA01.phx.gbl ¤¤¼¶¼g...
    > >> > Hi,

    > >> > Thanks for posting here. Also thanks for Carey and Detlev's kindly
    > >reply.

    > >> > From your post, my understanding of this issue is: If you keep Windows
    > >> > Firewall enabled and run multiple FTP command at the same time, the FTP
    > >> > will get hang. If this is not correct, please feel free to let me
    > know.

    > >> > Based on your description, I cannot reproduce this issue on my
    > computer.
    > >> > However, you may refer to our MVP's suggestion - modify the Registry
    > >> > (TcpNumConnections) or run "netsh winsock reset" to repair Winsock and
    > >> > TCP/IP, and then test this issue. If this issue persists, please let
    > me
    > >> > know the following information if you need any further assistance:

    > >> > 1. Are you sure this issue will disappear if you turn off the Windows
    > >> > Firewall?

    > >> > 2. Does this issue occur on other computers?

    > >> > 3. Have you tried to use third-party FTP application to do a same test?

    > >> > Have a nice day!

    > >> > Sincerely,

    > >> > Tom Che

    > >> > Microsoft Online Partner Support
    > >> > Get Secure! - www.microsoft.com/security
    > >> > =====================================================
    > >> > When responding to posts, please "Reply to Group" via your newsreader
    > so
    > >> > that others may learn and benefit from your issue.
    > >> > =====================================================
    > >> > This posting is provided "AS IS" with no warranties, and confers no
    > >> rights.

    > >> > --------------------
    > >> > >Message-ID: <55afd3663f84728f1e16e7b279ce9...@d-d.mvps.org>
    > >> > >Date: Sat, 04 Jun 2005 16:50:00 GMT
    > >> > >From: "Detlev Dreyer" <detdre...@flashmail.com>
    > >> > >Organization: Not responsible
    > >> > >Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    > >> > command
    > >> > >References: <e#EUYCSaFHA....@TK2MSFTNGP10.phx.gbl>
    > >> > >X-Comment: MS-MVP Germany
    > >> > >X-Importance:

    ....

    read more »

    Reply


    ping Jun 22, 6:02 pm show options
    Newsgroups: microsoft.public.windowsxp.general
    From: "ping" <imperfectluk-won...@yahoo.com.hk> - Find messages by this
    author
    Date: 22 Jun 2005 03:02:09 -0700
    Local: Wed,Jun 22 2005 6:02 pm
    Subject: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Remove | Report Abuse

    - Hide quoted text -
    - Show quoted text -
    Dear Tom,
    Sorry for so late to response to your reply on the
    newsgroup.
    I checked the firewall log, that the firewall drop
    several TCP SYN packets that may cause the FTP hand
    problem (seems waiting for server to connect to client
    for file transfer).
    Could you please give me your email address that i
    can send the screen capture, firewall log, etc to you.
    BTW, I always test the XP SP2 on both my own FTP
    server, production FTP server(both IIS 5.0, window
    2000 server, service pack 4, with max. connections =
    100, 000) and FTP server on IBM AIX. The problem
    occurs when firewall is turned on.
    The site: ftp2.de.nero.com is a reference site only
    that my FTP site is located within my company's
    intranet that can't let you try to connect for
    testing. Sorry for confusing you.
    I think this situation do not happen on individual
    PC due to wrong config. or installation problem, since
    i have also tested 3 new PCs, preinstalled with XP SP2
    (2 HP, 1 IBM), the same problem occurs.
    Thank you for your kind attention

    ..

    Reply


    David Candy Jun 22, 6:49 pm show options
    Newsgroups: microsoft.public.windowsxp.general
    From: "David Candy" <.> - Find messages by this author
    Date: Wed, 22 Jun 2005 20:49:58 +1000
    Local: Wed,Jun 22 2005 6:49 pm
    Subject: Re: Problem about Window Xp SP2 firewall and the buildin FTP
    command
    Reply | Reply to Author | Forward | Print | Individual Message | Show
    original | Report Abuse

    No idea what you are talking about as you deleted all previous text. It
    sounds like you need passive FTP. Normal FTP both client and server
    computers are servers AND clients. One with the data (the server) and
    one with the control channel (the client).

    Clients connect to servers. In FTP both computers connect to the other.
    Passive is client to server computers only.
Ask a new question

Read More

FTP Firewalls Servers Windows XP