In a recent case, I was asked to help with an FTP error 550 when the FTP client tried to list the files in the FTP site. The user logged on without error but could not see ant files or folders. There was a firewall but the FTP ports being used were open.
So I asked for the FTP logs to find the reason logged. In the FTP logs, we saw 550 1236 38 (status, win32Status, sub status). We know 550 is no such file or directory, I looked up the win32staus 1236 and it is “The network connection was aborted by the local system.” I was not familiar with the FTP sub status, so I opened article 969061, The FTP status codes in IIS 7.0 and later versions to find sub status 38. this is listed: 38 - Client IP on the control channel didn't match the client IP on the data channel.
Went back to the FTP log and noticed client IP changing once PASV command is run... .7 to .8 and therefore the error.
2020-07-10 21:37:30 n.n.n.7 <User> <server IP> PASV - 227 0 0 7b461e17-7dc0-45f3-b0a5-ccaf36c708ac -
2020-07-10 21:37:30 n.n.n.8 <User> <server IP> 6003 DataChannelOpened - - 0 0 7b461e17-7dc0-45f3-b0a5-ccaf36c708ac -
2020-07-10 21:37:30 n.n.n.8 <User> <server IP> 6003 DataChannelClosed - - 1236 38 7b461e17-7dc0-45f3-b0a5-ccaf36c708ac -
2020-07-10 21:37:30 n.n.n.7 <User> <server IP> 21 LIST - 550 1236 38 7b461e17-7dc0-45f3-b0a5-ccaf36c708ac /
At this point, the firewall engineer mentioned that this was due to the firewall configuration and this behavior could not be changed so the customer ended up using a different firewall product.
This article lists all of the FTP status codes and what they mean…IIS web sites also log sub status…many times the sub status tells us exactly what is wrong without collecting any other data. There are 56 sub statuses listed near the bottom of the page.
The FTP substatus codes
This section describes the FTP substatus codes that IIS 7.0 uses:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.