Question : FTP connection problem

we are using secureFTP software in our DMZ server, from inside I can access the server normally like remote desktop/ping etc.. but when i initiate FTP using cmd or fileZilla client using either of port 21-22i got this error:

Error:      Network error: Software caused connection abort
Error:      Could not connect to server

However in some network inside and outside im able to access the server normally,
Its really frustrating becuase sometimes clients ask me for help and i just couldn't do anything to them.
Just to be clear in network config, I checked my firewall and technically it has nothing to do with this problem. the following output is the result of wireshark capture the FTP traffic between server and the client.  The server is 10.98.98.0 network (DMZ) and the client is 172.30.3.0 network (inside)


6      1.617796000      172.30.3.99      10.98.98.13      TCP      netmon > ssh [SYN] Seq=0 Win=65535 Len=0 MSS=1380
7      1.617832000      10.98.98.13      172.30.3.99      TCP      ssh > netmon [SYN, ACK] Seq=0 Ack=1 Win=16384 Len=0 MSS=1460
8      1.618095000      172.30.3.99      10.98.98.13      TCP      netmon > ssh [ACK] Seq=1 Ack=1 Win=65535 Len=0
9      1.618244000      10.98.98.13      172.30.3.99      TCP      ssh > netmon [RST, ACK] Seq=1 Ack=1 Win=0 Len=0

i notice the RST, ACK packet which's in my knowledge the cause of the problem and i really don't know why is this happening to some clients, any help will be highly appreciated.

Answer : FTP connection problem

have your setup sftp correctly

To allow SFTP connections
Start the Administrator Interface and connect to the server.

At the bottom of the left pane, click the Server tab.

In the left pane, expand the server.

Select the site where you want to allow SFTP connections.

In the right pane, click the SFTP Settings tab.

Select the Enable SFTP check box.

In SFTP Port, enter the port number where the server will accept SFTP connections. 22 is the standard port for the SFTP protocol.

In Site key pair, enter the path, or click the browse button to find the path to your site key pair.

(Optional) If you do not have a site key pair, click Create (see below).

In the Use encryption algorithms list, select any or all algorithms you will permit for encrypting SFTP sessions. Hold down the Shift key on your keyboard to select a series, or hold down the CTRL key to select several that are non-contiguous.

In the Use MAC algorithms list, select any or all the algorithms to allow their use for message authentication. Hold down the Shift key on your keyboard to select a series, or hold down the CTRL key to select several that are non-contiguous.

Click Apply. A message appears telling you the site must be restarted for the changes to take effect.

Click Yes.

With the site still highlighted in the left pane, click the Stop  button, then click the Go  button.

 

To create a key pair
When clients attempt to create an SFTP connection with the server, the server sends a key to the client verifying its identity. The key you create will identify a site for all clients attempting SFTP connections.

Start the Administrator Interface and connect to the server.

At the bottom of the left pane, click the Server tab.

In the left pane, expand the server.

Select the site where you want to allow SFTP connections.

In the right pane, click the SFTP Settings tab.

Select the Enable SFTP check box.

Click Create. A Create SSH2 Public/Private Keypair window appears.

In the Enter path to store key pair, enter the path where you want to keep the created key pair. Or click the browse button to navigate to the path where you want to store the key pair.

Click Finish. A note appears telling you the key pair was created successfully.

Click OK again.