Connection to FTP server often fails using FTP client ruleset [M387] [v6]

A. THE BUG/ISSUE (Varies from issue to issue)
[ol]- Summary - Give a clear summary in the topic subject, NOT here.

  • Can U reproduce the problem & if so how reliably?: Everytime
  • If U can, exact steps to reproduce. If not, exactly what U did & what happened: Try to connect via FTP Client (Total Commander) Port Fails, PASV Fails
  • If not obvious, what U expected to happen: Normal FTP Connection
  • If a software compatibility problem have U tried the conflict FAQ?: n/a
  • Any software except CIS/OS involved? If so - name, & exact version: Total Commander 8.01
  • Any other information, eg your guess at the cause, how U tried to fix it etc: I have to disable the FW to connect the FTP Client. Didn’t have this problem with previous versions of CIS 6.0 or 6.1.
  • Always attach - Diagnostics file, Watch Activity process list, dump if freeze/crash. (If complex - CIS logs & config, screenshots, video, zipped program - not m’ware)

B. YOUR SETUP (Likely the same for each issue, so you can copy forward)
[ol]- Exact CIS version & configuration: CIS 6.1.276867.2813 - Config file attached.

  • Modules enabled & level. D+/HIPS, Autosandbox/BBlocker, Firewall, & AV: HIPS Safe, BB Untrusted, FW Custom Ruleset, AV Enabled
  • Have U made any other changes to the default config? (egs here.): Yes
  • Have U updated (without uninstall) from a CIS 5?: No, Clean Install
    [li]if so, have U tried a a clean reinstall - if not please do?: Yes
    [/li]- Have U imported a config from a previous version of CIS: No
    [li]if so, have U tried a standard config - if not please do: Default Proactive Mode connects as normal but won’t upload files.
    [/li]- OS version, SP, 32/64 bit, UAC setting, account type, V.Machine used: Win7 Pro SP1 32 Bit, UAC Disabled, Administrator
  • Other security/s’box software a) currently installed b) installed since OS: a= SAS and MBAM on Demand b= Both

[attachment deleted by admin]

You might want to try checking which port is being used by the remote for inbound data connections. The pre-defined rule-set presupposes connections on port 20 - which is the ‘proper’ port for this - however, some ftp servers use different ports. The pre-defined rule-set only allows connections from TCP port 20.

[Mod Edits reversed, I think Rad is talking about active mode connections?]

[attachment deleted by admin]

Since this issue seems to be resolved i will move it to the resolved sub thread

Thanks, missed that one! It was never tracked anyway.

Best wishes


Thanks. This just started recently and I didn’t notice it till updating to .2813. I’ll contact the problem server and see if they have changed anything. I’ll post back if I need more help.

Thanks, I’ll await feedback.


I contacted the problem server ( and they haven’t changed anything. The tech guy tried numerous times while I was on the phone with him and he was able to connect every time. Simultaneously, as we spoke, I tried numerous times to connect without success. I played around with various settings last night with no success. I even tried setting up a new profile from scratch. No go. I can always turn the FW off while uploading, it’s just a nuisance. You may want to put this bug back on the Bug Reports page. I don’t know what else I could try. It’s strange, I have another server (RoadRunner) which I have no trouble connecting to. I’ve attached my CIS log file.

Here is my FTP Client Log:

230 User logged in.
215 UNIX Type: L8
211 End
501 OPTS: UTF8 not understood
CWD /public
250 CWD command successful.
Connect ok!
257 “/public” is current directory.
Get directory
200 Type set to A
PORT 98,27,134,187,204,144
200 PORT command successful
PORT failed, try PASV mode!
PASV failed

[attachment deleted by admin]

Well, today, the connection problem raised its ugly head again. This time it was blocking the connection to my RoadRunner server. At least the bug is consistent in blocking both of the servers I use. Disabling the FW lets me connect.

Added to tracker, thanks. Also edited post above regarding ports.

Could you indicate what control and data ports your client is set to use in active and passive mode please?

Best wishes


I looked all over Total Commander for the port settings you mention, but found none. I’ve attached the Total Commander help file. I looked through it under “FTP”, but found only one mention of port 21 being used in IPV6.

[attachment deleted by admin]

Looks like no changes from defaults on that dialog.

I’ve just had some problems with my server and TC.

You could try setting passive mode on the dialog you picture and by editing the connection itself (Net ~ FTP connect ~ Select connection ~ Edit). I found I could force passive mode that way, then it worked fine with CIS and TC. Though I have TC set as ‘allowed’ by CIS FW.

As to active mode, I had a server problem, not a client problem, so I guess that does not help work out what the problem is.

Best wishes


Where is this setting you refer to?

OK, I found it. I set TC to use PASV mode and it connects now. I’ll have to give it some time to see if it’s a success. There still must be something wrong with CIS, since I had never had trouble connecting in the past. It only started giving me trouble with v.2813.

Hmm in active mode the FTP server has to be able to initiate the data link using an inbound connection to your external IP on port 20 to which your client replies with a data send on port >1023

So I think:

a) your router (assuming it’s a NAT router) would need to pass the inbound port 20 connection on to the correct PC, using port forwarding. This is not standard.
b) Maybe CIS would need to have global rule to pass this through to the app rules, depending on config. In IS config the last global rule is probably block all incoming silently?
c) CIS already has an application rule to pass port 20 on in the FTP ruleset, so that’s OK

Maybe TC used to default to passive mode but now defaults to active, unless you over-ride in two places?

I’m not an expert at this stuff though, shall I pass this through to help?

Best wishes


Well, I have no router. I have a cable modem direct to my Network card. Since I never had this problem before and my TC (until yesterday) and CIS settings are the same, something in CIS must have changed. I have tried a Global Ruleset for FTP (which CIS used to need), but it still didn’t work. As long as it works in PASV mode, I don’t really care (unless it’s insecure). I’ll know more by this afternoon since I’m updating a website today.

Just to validate, your local network address (using IPconfig) is?

[IPs removed by mod for security reasons]

Now you really have me confused :slight_smile:

Just checked, and your logs show a local address 192.168.x.x. Which suggests that NAT (Network Address Translation) is occurring. However the port 20 connection is reaching CIS, and you are allowing it.

This is beyond me as I have never used a cable modem. Shall I transfer to help to see if one of the network boffins can work out what is going on.

Incidentally a Comodo employee (ddulepov) using TC recently had a difficulty accessing my FTP server in active mode, so you are not alone. May be worth PMing him.

Active mode need to work as it is more secure

I have removed your external IP for security reasons, sorry should have been more explicit.

Best wishes


Hi Mouse,

Yes. You can forward this to anyone who may help. I’m not up on these things since I’ve never had any trouble in this area, but I’m willing to help. Today, I found that somehow my Windows Firewall was turned on. BB alerted me to FirewallControlPanel.dll. I thought this might be the problem. I disabled it and also set it to Manual in Services (I had already done this previously). I tried TC again with PASV mode disabled and the problem with CIS was still there. So, it wasn’t the Windows Firewall after all. Oh, well…


Having thought about this I will leave the topic here for the present and see if I can get Ronny or Radaghast to help you.

I have already informed the Ddulepov (QA) by PM, who has himself been having problems using TC to access my FTP server.

Best wishes