THE INFORMATION IN THIS ARTICLE APPLIES TO:
Cannot connect to EFT Server with Internet Explorer
A connection to EFT Server using Internet Explorer can normally be accomplished using the default settings for both products. You may need to allow two or more concurrent connections from the same user and the same IP address to facilitate connection from a Web browser.
For your convenience, some basic connection and troubleshooting information is shown here. If you continue to have trouble establishing a connection using IE, you should consult the IE documentation.
Depending on the firewall configuration on either the FTP client or server side, you may need to change the mode that is used by the FTP client. IE5 and later support both Standard (PORT) and Passive (PASV) modes.
To change the IE FTP client mode
- Start Internet Explorer.
- Click Tools > Internet options.
- Select the Advanced tab.
- Under the Browsing node, clear Enable FTP folder view.
- Select Use Passive FTP (for firewall and DSL modem compatibility). (Selected by default.)
- Select OK.
If you select the Enable FTP folder view, IE behaves as a Standard (PORT) mode FTP client even if you also select Use Passive FTP. If you clear the Enable FTP folder view check box and then select the Use Passive FTP check box, IE behaves as a Passive (PASV) mode FTP client. By default, both IE and EFT Server use Standard or Port mode.
Standard (PORT) mode FTP clients first establish a connection to TCP port 21 on the FTP server. This connection establishes the FTP command channel. The client sends a PORT command over the FTP command channel when the FTP client needs to receive data, such as a folder list or file. The PORT command contains information about which port the FTP client receives the data on. In Standard (PORT) mode, the FTP server always sends data from TCP port 20. The FTP server must open a new connection to the client when it sends data.
Passive (PASV) mode FTP clients also start by establishing a connection to TCP port 21 on the FTP server to create the control channel. When the client sends a PASV command over the command channel, the FTP server opens an ephemeral port (between 1024 and 5000) and informs the FTP client to request data transfer from that port. The FTP server responds to the request by using the ephemeral port as the source port for data transfer. If this occurs, the FTP server does not have to establish a new inbound connection to the FTP client.
Many firewalls do not accept new connections through an external interface. The firewall may detect these connections as unsolicited connection attempts and, therefore, drop them. Standard mode FTP clients do not work in this environment because the FTP server must make a new connection request to the FTP client.
Firewall administrators may sometimes not want to use Passive (PASV) mode FTP servers because the FTP server can open any ephemeral port number. Although EFT Server by default uses the default ephemeral port range of 1024 through 5000, many FTP servers are configured with an ephemeral port range of 1024 through 65535. Firewall configurations that allow full access to all ephemeral ports for unsolicited connections may sometimes be considered unsecure.