This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

TLS Negotiation Failure

I have setup SERV-U FTP in my DMZ.  Regular FTP and SFTP work fine.  I have created a self signed cert within SERV-U.  When I try to use FTPS in Active mode, it connects and fails when trying to pull the directory.  I get a TLS negotiation error.  This happens when I use several different ftp clients.

  • I'd try to work inside out on this.  Let's start with FTP Voyager as the FTP client.  Install it on the same machine as Serv-U and test your active FTPS link.  Next install it on a different machine and test again.  Finally, go outside the firewall and test yet again. 

    However, if you're going to stick with FTPS, I would look at abandoning active mode altogether and switching to passive mode.  That allows you to only have to worry about inbound connections (whereas active mode requires outbound connections back to the client, which can run afoul of a second firewall). 

    Here's our recommended firewall configuration, using passive FTP/S data ports. 

    0313_serv-U_diagrams_01v3_680wide.png