Troubleshooting Outbound FTP
Outbound FTP connection issues can be caused by various issues.
FTP Configuration
Verify that you are using the correct FTP configuration setting to connect to the remote FTP server. Check that the hostname, authentication information, and port are correct.
Ensure that the outbound server supports FTP(S) or is a FTP(S) server. The default FTP port is 21 (explicit) or 990 (implicit), but could be a different customized port. If the connection information that was provided to you states that port 22 should be used to connect then this indicates that the remote server supports SFTP instead of FTP(S).
Concurrent Connection Limits
FTP servers typically support a limited number of simultaneous concurrent connections. Enterprise grade FTP servers will have a higher number of allowed connections while other FTP servers may only allow 1 or 2 concurrent connections.
Lower the Maximum connections setting for the remote server to a value that is supported by the remote FTP server.
Timeout Issues
Timeout issues can occur in various ways.
If there are intermittent network issues between Files.com and the remote server then FTP commands, or their responses, may not occur within the time allowed by the FTP protocol.
If the remote server is overloaded or runs out of resources, such as its CPU or Memory hitting 100%, then FTP commands will take much longer to execute.
If the remote server updates a required configuration item, such as the authentication method or the FTP port, then FTP connections can timeout while trying to connect using outdated information.
FTP commands may fail if they do not execute, or receive a response, within the allotted time.
Attempt to resolve any network issues and ensure that the remote FTP server is capable of supporting the connection load being sent to it from Files.com.
Scalability Issues
Files.com is designed for Enterprise scalability. As a cloud-native solution, our platform provides elastic scalability with effectively no limits for file sizes or number of connections.
Remote FTP servers may not offer the same scalability.
Generally speaking, modern remote Enterprise level FTP solutions should be able to match our throughput and capacity. However, FTP connectivity can also me implemented by systems that expect it to be used casually and are not designed to handle large amounts of FTP usage.
Ensure that combined workloads from all Remote Syncs, Remote Mounts, or Automations to the remote server will be within its operational limits.
Firewalls
There may be firewalls, or other restrictions, on the remote server that require an IP address to be whitelisted.
Verify that connections from Files.com IP addresses are allowed by the remote FTP server.
The FTP protocol is particularly sensitive to firewall issues due to its use of separate ports for commands and data.
Files.com will always use PASV mode for FTP(S) connections so remote firewalls should be configured to allow connections using the passive ports that have been specified by the remote FTP server.
IP Addresses Used For Connection
If you have a Custom Domain installed on your site, that means Files.com has provisioned two dedicated IP addresses for your site and it will use them by default for outbound connections to the remote server. Provide these 2 IP addresses to your counterparties and ask them to whitelist them in any applicable firewall.
If you do not have a Custom Domain installed on your site, you do not have Dedicated IP Addresses provisioned for your site and Files.com will use its entire pool of IP addresses for connecting outbound to the remote server. If your counterparties maintain an IP Address whitelist, you will need to have them whitelist all of the IPs on this list.
Customers often ask for Dedicated IP addresses as a way to avoid having to ask their counterparty to whitelist a huge list of IP addresses.
We are able to offer that for Remote Server connection purposes via somewhat of a backdoor method, which is adding a Custom Domain to your site. Having a custom domain provides a justification for the dedicated IP address.
Files.com automatically provisions a pair of dedicated IP addresses for every site that has a custom domain enabled. We do that because FTP, unlike HTTP, requires that every custom domain be hosted on a dedicated IP address in order to have a custom SSL Certificate that matches the domain.
This means that if you have users who restrict outbound access via a firewall, they will only need to whitelist your two dedicated IP addresses. rather than having to whitelist our entire published list of IP addresses (see above).
Dedicated IPs, once provisioned, are used for both inbound connections to your site via your custom domain, as well as outbound connections from Files.com to certain applicable Remote Servers that are used for Remote Server Sync and Remote Server Mount.
By default, Files.com will use your dedicated IP addresses for outbound connections to FTP, SFTP, WebDAV, and S3 Compatible remote servers. However, you can disable the use of your dedicated IP in these circumstances if you need to. (You might do that if your counterparty has already whitelisted the main Files.com IP range, for example.)
Ciphers Used For Connection
Connections made using SSL/TLS to a remote FTP server will use the cipher that is agreed upon by both Files.com and the remote system. Files.com will present a list of ciphers, starting with the strongest and ending with the weakest, to the remote FTP server but it is the remote server that decides exactly which cipher is used. Contact the administrator of the remote FTP server to determine which SSL/TLS ciphers are supported by that system.