Skip to main content

Troubleshooting Outbound FTP

Outbound FTP connections can fail for several reasons. The sections below cover the most common causes and how to address each one.

Connection and Authentication Failures

If Files.com cannot reach the remote FTP server or cannot log in, start by confirming the hostname, credentials, and port in your remote server configuration.

The default FTP port is 21 (explicit) or 990 (implicit), though a remote server may use a customized port. If the connection information specifies port 22, the remote server supports SFTP rather than FTP(S). Use an SFTP remote server instead.

Concurrent Connection Limits

FTP servers support a limited number of simultaneous connections. Enterprise-grade FTP servers allow higher numbers. Smaller FTP servers allow fewer.

If you are seeing connection failures, the remote server may be rejecting connections because its limit has been reached. Reduce the maximum number of connections setting and adjust gradually to find the highest value the remote FTP server can reliably support.

Rate Limits

FTP servers can implement rate limits that cap the number of connections allowed within a specified duration.

Implementing dedicated IP addresses for your Files.com site can help mitigate rate-limit issues.

Timeout Issues

Timeouts can come from several sources.

Intermittent network issues between Files.com and the remote server can prevent FTP commands or their responses from completing within the time allowed by the FTP protocol.

When the remote server is overloaded or runs out of resources, such as CPU or memory hitting 100%, FTP commands take much longer to execute.

When the remote server changes a required configuration item, such as the authentication method or the FTP port, FTP connections time out while attempting to connect using outdated information.

FTP commands fail if the remote FTP server does not respond within 45 seconds. Responses normally take between 5 and 10 seconds. A response time exceeding 45 seconds indicates a problem on the remote server.

Resolve any network issues and confirm that the remote FTP server can support the connection load being sent to it from Files.com.

Remote Server Capacity

If transfers fail intermittently without a clear cause, the remote FTP server itself may not be able to handle the volume of connections being sent to it. Some FTP servers are implemented as a lightweight feature on a larger system and are not designed for sustained or heavy FTP usage.

Confirm that the combined workload from all Syncs, Remote Mounts, and Automations to the remote server stays within its operational limits.

Firewalls

Firewalls or other restrictions on the remote server may require an IP address to be whitelisted.

Verify that the remote FTP server allows connections from Files.com IP addresses.

The FTP protocol is particularly sensitive to firewall issues because it uses separate ports for commands and data.

Files.com always uses PASV mode for FTP(S) connections. In PASV mode, the remote FTP server tells Files.com which ports to use to traverse its firewall. The remote operator must ensure that the full configured PASV port range is open for inbound connections. Each FTP server has configuration options that specify this port range. The operator can refer to their FTP server's documentation to identify which ports are configured and verify that none are blocked. FTP uses a different port within that range for each connection, so the entire range must be open.

Verify the IP addresses being used for connections from your Files.com site. Confirm that these IP addresses are not blocked by any firewalls.

Partial Connectivity

The FTP protocol uses separate ports for control and data traffic. The Control channel handles authentication and commands such as listing folder contents. The Data channel carries file content.

If you can connect and list folder contents but cannot upload or download files, a firewall is most likely blocking the PASV data ports. A common symptom is a zero-byte file created whenever an upload or download is attempted. Contact the operator of the remote site's firewall and ask them to open all configured PASV ports.

SSL Certificate Issues

If the remote FTPS server uses a certificate that is expired, self-signed, or does not match the hostname, Files.com refuses the connection by default. You can configure the Remote Server to allow non-matching certificates, but this removes the security guarantee that the remote site is who it claims to be.

To check the validity of the remote site's certificate, use an online tool such as the SSL Shopper SSL checkerExternal LinkThis link leads to an external website and will open in a new tab or the DigiCert SSL certificate checkerExternal LinkThis link leads to an external website and will open in a new tab.