FTP Access


TayUK
01-02-2010, 23:50
Help, I'm very confused.

I'm reasonably switched on when it comes to IT but an issue has me stumped at the moment.

My scenario - 50MB Cable, Netgear WNR845T router.

I have a number of machines on my LAN ranging from this Mac Pro to various PCs and servers. I've never had any issues previously getting to FTP sites.

Just before Christmas I noticed that I was unable to get through to my webspace at a 3rd party (Webhosting UK) using ftp whilst trying to upgrade a forum. Web access is fine and DNS resolution is not an issue.

I thought nothing of it and then only had reason to try again recently to perform some upgrades. Same again, no access. Traceroutes work fine from here though. Just seems to be something blocking FTP.

I also have ADSL as a backup on a different provider; the local LAN is on the same subnet but uses different gateways/DNS for various machines. FTP access using the same machines works perfectly through that connection.

I've fired up a Windows VM on the Mac to prove it's not the Mac Pro and that does the same thing; tried it bridged and NAT'd, same issue. The minute I switch back to ADSL it works fine.

I have no changes to hosts files and as I said I can browse to the site no problem and resolve it via DNS with no issues.

I have also been able to get to any other FTP site I try, various distro sites work fine.

I'm at a loose end now, totally confused

I'm posting a message tomorrow on the Hosting company forums to see if I'm the only one having an issue to rule that out.

Does anybody have any ideas?

thanks

MovedGoalPosts
01-02-2010, 23:55
Firewall somewhere, perhaps on the router you use for the failing ftp connection? Does it happen if you connect direct between PC and modem without router?

TayUK
02-02-2010, 00:08
Not tried that yet, mainly because nothing has changed my side. It did work but then it didn't.

I'm sure it's possibly something stupid, but for the life of me I can't see it.

I do have firewall software on the Mac but it's wide open for FTP outbound access. The router is bog standard, no special outbound rules. No sites blocked and no services blocked.

Will try the direct route with the laptop tomorrow. Also will fire up Wireshark and see if I can see wtf is going on.

Tks for the suggestion.

TayUK
03-02-2010, 01:17
Virgin decided to go AWOL on my butt this evening so it gave me a chance to try a laptop on the modem. Afraid the results were inconclusive. The laptop was able to get onto the FTP site but only when it had a different IP address. Presumably the MAC address of the router reserves the IP for 48hrs or something. I got a different IP address and it worked right away.

Router plugged back into the modem and no joy, but as I said it had the same IP as previously; once it was back up and running I was unable to get through to the FTP once more.

I'll remap the MAC address on the router tomorrow and try to get another IP address and test again.

webcrawler2050
03-02-2010, 01:21
Can you provide a traceroute from any machine on your VM connection, connecting directly to the modem. I need a traceroute to your domain or IP address of your hosting.

Out of interest, what FTP software are you using?

Kymmy
03-02-2010, 08:50
VM will not block port 21 on only one of their IPs. If the direct laptop to modem (bypassing the local address) worked then 90% sure it's the router or a firewall issue with the local address.

If you want further proof try each machine on the modem only and I'll bet each one gets through ;)

webcrawler2050
03-02-2010, 11:02
I suspect this could be a server side firewall issue, is this cPanel hosting?

TayUK
03-02-2010, 21:52
ok, just got home and done some testing.

To answer some of the questions above..

Yes I use cpanel hosting. It is theoretically possible my IP could be blocked.
ftp software: Cyberduck and Fetch and command line.

I reconnected with my Mac Book Pro direct to the modem and it works, obviously different MAC address.

I then reconnected back to the router and tried again, blocked. I then spoofed the MAC address of one of the gig ports on my Mac Pro, bounced the router and modem and I have access through the router again.

The way this is going I feel as though there are two possibilities now.

1. Some sort of restrictive port 21 blocking somewhere
2. My cpanel host has blocked my external IP address from accessing port 21

The second seems most plausible, but not sure how it can be that selective. I'll try to examine the FTP logs to see if it's blocked. This seems odd but not beyond the realms of possibility. What's odd is that web access works fine, so it must be ProFTPd blocking me unless it's number 1 above.

I'll contact my provider now to see if my IP turns up in the firewall logs.

I have a working solution other than my ADSL connection, but for now I want my old IP address back :)

Thanks for all the help, glad it's not me missing something stupid on my own firewalls, routers etc.

Will update if I find anything. If not then I'll migrate to the new IP shortly.

Ignitionnet
03-02-2010, 21:58
Try a TCP Traceroute on port 21, see what the response back is.

Alternatively get Wireshark going and kick off an FTP session, see what happens in terms of the TCP flags in the TCP conversation.
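
A scripted version of the check discussed in this thread, added here as an example and not code from any poster: it attempts one TCP handshake to port 21 and one to port 80 on the same host and classifies each outcome, so a silent drop (no reply to the SYN) can be told apart from a reset. The function names and outcome labels are assumptions chosen for this example; run it once per connection (cable, ADSL) and compare.

```python
import socket
import sys

def probe(host, port, timeout=3.0):
    """Attempt one TCP handshake to host:port and classify how it ended."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # SYN, SYN/ACK, ACK completed
    except (socket.timeout, TimeoutError):
        return "filtered"          # no reply to the SYN: dropped somewhere on the path
    except ConnectionRefusedError:
        return "refused"           # RST came back: host up, port closed or rejected
    except OSError:
        return "error"             # DNS failure, no route, ICMP unreachable

def diagnose(ftp_state, web_state):
    """Compare port 21 with port 80 on the same host, as the thread does by hand."""
    if ftp_state == "open":
        return "ftp-reachable"
    if web_state == "open" and ftp_state == "filtered":
        return "port-21-dropped"   # silent drop for this source IP on 21 only
    if web_state == "open" and ftp_state == "refused":
        return "port-21-rejected"  # FTP daemon down or a rule that answers with RST
    return "host-unreachable"      # nothing answers: routing, or a block on all ports

if __name__ == "__main__":
    # Host comes from the command line; the loopback default is only a placeholder.
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    ftp, web = probe(host, 21), probe(host, 80)
    print(host, "21:", ftp, "80:", web, "->", diagnose(ftp, web))
```

A result of `port-21-dropped` from one source address and `ftp-reachable` from another points at filtering keyed on the source IP rather than at the client machine or FTP software.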

webcrawler2050
04-02-2010, 11:36
Ask your host to add your IP to the iptables whitelist, they are probably running csf, a firewall that doesn't like constant FTP connections to a server as it deems it as an attack and blocks your IP.

TayUK
04-02-2010, 14:00
This seems quite plausible. I was testing various FTP apps on the Mac a couple of months back; it's possible one went rogue and got caught by iptables.

Thought I have used it since but maybe just on my adsl circuit or the laptop.

---------- Post added at 14:00 ---------- Previous post was at 13:41 ----------

Just got a message back from support, apparently the IP got blocked for numerous login failures.

problem resolved.

thanks all .

webcrawler2050
04-02-2010, 14:06
Good stuff.