General Questions
- Why should I use ShareIt FTP, public domain FTP servers already exist?
- Why does ShareIt FTP have a maximum number of 256 clients?
- Do you license the ShareIt FTP source code?
- Does ShareIt FTP work with XYZ company's FTP client?
- Where can I get a free FTP client with SSL?
- What functionality is included in the trial version of ShareIt FTP?
Setup
- Can I use a network share as my "root" folder?
- Can I use ShareIt FTP to monitor when users download files?
Firewall
- Does ShareIt FTP work with personal firewalls like Norton?
- What ports does ShareIt FTP use?
- How does ShareIt FTP work with NAT and port forwarding?
- The FTP Console application is unable to connect to
ShareIt FTP from a remote location?
- When I try to connect to ShareIt FTP from outside my firewall I cannot
see any files or folders?
Protocol
- What is the difference between active and passive FTP connections?
- How to I logon to ShareIt FTP with my web browser?
- What is the difference between implicit SSL and explicit SSL?
- What are the EPSV/EPRT commands used for?
File Transfer
- Why does my text file contain extra/missing spaces?
- Why does Microsoft Internet Explorer display an error when I try to connect to
ShareIt FTP?
- Why can't I upload files to ShareIt FTP?
- Does ShareIt FTP convert LF to CRLF in ASCII mode?
Error Messages
- Why do I get a "534 request denied for policy reasons" error when I connect to ShareIt FTP?
- Why do I get a "500 User not allowed" error when I connect to ShareIt FTP?
Security, management and accountability. ShareIt FTP integrates with your existing
Windows NT user and filesystem infrastructure, provides single point management
of FTP server farms and NSC includes proactive features to prevent network
attacks.
Secure network communications is very processor and memory intensive. Even a server
with a 2Ghz processor will struggle to accept more than 100 secure connections per second. For
this reason, our design limits the number of clients to a practical and efficient
number.
No. We consider this a security violation. If you have concerns about the
long-term support of ShareIt FTP or NSC, please contact
sales@nsctech.com to discuss potential options.
Yes. ShareIt FTP is compatible with all plain-text and SSL enabled FTP clients.
If you own a computer with Microsoft Windows, you should check out
GetIt
FTP. The software has security and file management features, and is free for
personal, education and charitable use. Visit
http://www.getitftp.com for more information.
The trial version of ShareIt FTP supports all features. The software will operate for
30 days and displays a "trial" banner to users.
Yes. Remember to update the permissions so that your FTP users can browse the
location.
Yes. There are two methods to record when a user receives a file from your
FTP server:
- In the ShareIt FTP service configuration, enable event logging for the RETR command. For instructions,
see the "Step 4: Configure Logging Settings" and "Reviewing Event Logs" sections in the User Guide.
In addition, you can
monitor download activity in real-time if you use this option.
- If you are using the Windows NTFS filesystem, you can enable file auditing. For instructions, see
the "Auditing File Activity" section in the ShareIt FTP User Guide.
Click here to view the ShareIt FTP User Guide.
Yes. You must configure the firewall software to allow connections from the
Internet to the ShareIt FTP port and IP address.
Consult your Firewall user documentation to do this.
ShareIt FTP uses the following ports:
- FTP service port. Default 21.
- FTP Console port (optional). Default 1205. You can always
connect to the server from inside the firewall.
- Data connection ports. You should open a continuous range of ports for
incoming data connections (1024 to 4096). If your security policies do not permit this,
you can require your FTP users to use active (PORT) data connections.
WARNING: There are
known security issues with active data connections. See the FTP security
RFCs for more information.
Most network environments employ a firewall or router to map between internal and
external IP addresses. Some of these devices will parse FTP
commands and replace IP addresses so that the FTP client and server
can operate without knowledge of the mapping. This process fails
when secure communications (SSL) is enabled because the FTP commands are encrypted.
To resolve the addressing problem, ShareIt FTP lets you specify an external
IP address for FTP commands. For more information, see the 'Fix IP Address'
options in the Advanced system settings (FTP Console > Config > System >
Advanced).
Check the following:
- Ensure ShareIt FTP has the SSL and FTP Console options enabled.
- Check your firewall will allow incoming connections to the FTP Console port
(default 1205).
- Verify an existing FTP Console connection is not active.
NOTE: You will
need access to the server to check 1 and 3.
The firewall is blocking incoming data connections; preventing the FTP client from
receiving file and folder information. You will need to
open the data connection ports or change your connection policy. Click
here for more information.
Both the FTP client and server processes should be capable of active and
passive connections. When a process is in passive mode, it will "listen"
(accept incoming connections) on a data port. The active process will then "connect"
(outgoing) to that port and the transfer will start. The FTP request command
determines the direction of the connection. For example, PASV requires the
client to connect to the server and the PORT command involves the server connecting to the
client.
The following steps guide you through the process:
- Open Microsoft Internet Explorer (IE), Mozilla, etc.
- Enter the URL of your FTP server in the Address editbox. The URL format is: ftp://[username]:[password]@[your FTP server IP address]:[your server port]. Omit the username and password fields for anonymous logins and the port field to use the default (21). For example, ftp://192.168.1.2.
- You will see a list of the files and folders on your FTP site.
If you are using IE, you can drag and drop files between the FTP
session and Microsoft File Explorer.
These two terms refer to how the FTP client connects to the FTP server. If you are using an implicit connection, the FTP client connects to the server and immediately negotiates an SSL session. The
explicit procedure involves the FTP client starting a plain-text
conversation with the server and asking it to start a secure
session.
The extended port commands (EPSV/EPRT) are designed to replace
the standard FTP PASV/PORT commands. They solve various network address issues, accomodate TCP/IP version 6 and give better performance with some firewall packages.
All operating systems do not store text files in the same manner. For example,
UNIX represents
the end of a line with a single linefeed (LF). The Windows standard is carriage
return linefeed (CRLF). At some point, the file has been transferred incorrectly (as
BINARY, or a mix of BINARY and ASCII) and your application is unable to view the
text file
correctly.
Check the following:
- Your network connection is working properly.
- Ensure your firewall allows FTP traffic; and your FTP proxy is operating (if applicable).
- Enable passive transfers (Tools > Internet Options > Advanced > 'Use Passive FTP').
NOTE: Ask your network administrator if you have questions about 2.
This is most likely a configuration problem. Check the following:
- Check the Write/Overwrite permissions are enabled in the
FTP Console (Config > Users > Anonymous > Permissions).
- Check the Windows NT filesystem privileges (Right-click in Windows
Explorer > Properties) for the root FTP folder and the destination folder. The
user/anonymous account must have write access.
- Use the FTP Console or Windows Explorer to ensure there is enough
storage space in the destination folder.
Yes, ShareIt FTP will always
perform the linefeed mapping (LF -> CRLF) and report the correct number of bytes. The
software also supports the restart (REST) command in this mode.
NOTE: Most FTP servers do not support this functionality because of the extra
processing involved or their design is open to DoS attacks.
ShareIt FTP is reporting that you are trying to use a feature that is not
enabled. For example,
if the server does not have a SSL certificate, it will refuse the security (AUTH SSL) commands.
The software will also refuse active (PORT) data connections by default.
Check the following:
- Check the ShareIt FTP SSL certificate
is installed and has not expired (FTP Console > Config > Security).
- Enable the PORT command (FTP Console > Config > Security) or require your
users to use passive (PASV) data connections (GetIt FTP > Address Book > Edit
Site > Transfer > Data Connection Type; Microsoft Internet Explorer >
Tools > Internet Options > Advanced > Use Passive FTP). WARNING:
Active data connections are not recommended if your server is accessible from the Internet. See the
FTP security RFCs for more detail.
Check the following:
- You have entered the correct username and password in your FTP client.
- ShareIt FTP is configured to allow 'anonymous' FTP users (FTP Console > Config > Users).
support@nsctech.com
Copyright © 2001-2004 NSC. All rights reserved.
Revised:
01/04/04.