on 12-17-2007 11:16 PM
Hi experts,
I have a scenario where XI is picking up a file from a FTP network folder with the communication channel specifying the IP, port=21 and user/password credentials. If the FTP site opens up only port 21, this does not work. Only when FTP site opens up all ports, the communication works. The administrator of the FTP site mentioned that he is seeing requests with dynamically assigned ports come in from XI (none of them being 21). Has anyone encountered the same? For now, all ports are being kept open but we are trying to investigate how to control the port number so that only one or a few ports can be kept open rather than unrestricted access. Is there some setting or profile parameter in XI due to which the "21" that we mention as port in the communication channel is bypassed for some other dynamic value at runtime?
Thanks
JB
James,
In your scenario, XI acts as a FTP client. Whether the mode is Active or Passive, FTP client always connects to server from a random port (>1023). Thus, your FTP site Admin is seeing different ports.
The solution to your problem is to ask the FTP site Administrator to specify a range of high numbered ports which the FTP server will use (most FTP daemons will allow this) and you configure the communication channel in XI with "Data Connection" parameter as "Passive".
Thanks,
Venkat.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Venkat, nice response. Could you tell me in that case, suppose they open up ports in the range 1024 to 1099 say for example, should I mention one from this range in the communication channel instead of 21? It seems to me that whatever I enter in the communication channel, it will still take up some port higher than 1023 as you said. Also what is the upper bound for this dynamic port that is selected when XI sends the message so that I can tell the FTP admin guys to open from 1024 up to this upper bound. Thanks in advance.
JB
James, you dont mention the range in XI Communication Channel. You still use port 21 because it is the FTP server port to which XI will first contact. The client port which communicates with Server port 21 is random (>1023).
If passive (PASV) mode is used, the server will then open a random port (> 1023) and sends the same to client (XI), e.g. 31000. XI will then communicate with Server port 31000 for the data transfer.
To give an real example, to drop and pick files from a Bank FTP site, the Bank instructed us to establish a connection on port 21(their FTP server port), use Passive mode and have ports 30000 to 30200 ports opened in our firewall to enable data transfer.
So, what you have to do is ask FTP server Admin to configure the server in such a way that when a FTP client (in our case, XI) connects to port 21, it should create a port within a range (e.g. 30000 to 30200). Also, if the FTP site is outside the corporate landscape, you should ask your Network Admin to punch holes in the firewall for the ports range that FTP server Admin communicates to you.
Thanks,
Venkat.
Hi,
If I'm not wrong this issue is related to FTP site not XI. You can ask FTP site admin to setup fixed IP address for incoming ftp request.
Hope this will help you.
- Pinkle
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
86 | |
10 | |
10 | |
9 | |
7 | |
7 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.