Good Morning everyone,

I'm hosting a FileZilla FTP server (passive mode) on a WIN 2012 R2 server hosted in MS Azure.

FTP transfers are generally working fine - Several FTP uploads and retrievals are running on a daily basis.

I have opened a relative big range of ports (endpoints) on the Azure Portal / side to allow for the passive mode.

Sporadically (on an average once every 2nd day) I'm seeing FTP transfers issues like the following:

8/8/2016 9:09:59 AM - USER_FILEZILLA (62.154.Y.X)> MDTM dev_updates/file1

8/8/2016 9:09:59 AM - USER_FILEZILLA (62.154.Y.X)> 213 20160728071048

8/8/2016 9:09:59 AM - USER_FILEZILLA (62.154.Y.X)> MDTM dev_updates/file2

8/8/2016 9:09:59 AM - USER_FILEZILLA (62.154.Y.X)> 213 20160728071048

8/8/2016 9:09:59 AM - USER_FILEZILLA (62.154.Y.X)> MDTM dev_updates/file3

8/8/2016 9:09:59 AM - USER_FILEZILLA (62.154.Y.X)> 213 20160728071050

8/8/2016 9:09:59 AM - USER_FILEZILLA (62.154.Y.X)> CWD dev_updates/Infrastructure/folder

8/8/2016 9:09:59 AM - USER_FILEZILLA (62.154.Y.X)> 250 CWD successful. "dev_updates/Infrastructure/folder" is current directory.

8/8/2016 9:10:00 AM - USER_FILEZILLA (62.154.Y.X)> PASV

8/8/2016 9:10:00 AM - USER_FILEZILLA (62.154.Y.X)> 227 Entering Passive Mode (104,40,Y,X,234,235)

8/8/2016 9:10:00 AM - USER_FILEZILLA (62.154.Y.X)> 426 Connection closed; aborted transfer of ""

8/8/2016 9:10:01 AM - USER_FILEZILLA (62.154.Y.X)> disconnected.

8/8/2016 9:10:01 AM - (not logged in) (62.154.Y.X)> Connected on port 21, sending welcome message...

8/8/2016 9:10:01 AM - (not logged in) (62.154.Y.X)> 220-FileZilla Server 0.9.57 beta

8/8/2016 9:10:01 AM - (not logged in) (62.154.Y.X)> 220-written by Tim Kosse (tim.kosse@filezilla-project.org)

8/8/2016 9:10:01 AM - (not logged in) (62.154.Y.X)> 220 Please visit https://filezilla-project.org/

8/8/2016 9:10:01 AM - (not logged in) (62.154.Y.X)> USER USER_FILEZILLA

8/8/2016 9:10:01 AM - (not logged in) (62.154.Y.X)> 331 Password required for 

As mentioned, there are several FTP transfers taking place on a daily (automated) basis and sweeping over the 140+ port range assigned to the FileZilla FTP server (acting in passive mode).

I have a Wireshark capture running on the VM hosted in Azure; I can see from the Wireshark captures that the "426 connection closed" events are actually matched by a RST sourced by the VM in Azure and sent back to the client that issued the PASV command (i.e. in the above example, the FTP server replies to the client PASV command with the port: 234,235 -> 60139; the client attempt to open a data channel to the port 60139 in order to start the transfer -> the FTP server replies immediately (within MS according to the Wireshark capture) issuing a RST to the client).

I thought of some ephemeral ports allocation issue on the FTP server side -> so I reduced the allowed dynamic OS ephemeral port range to do not overlap the FTP passive port range - using the

netsh int ipv4 set dynamicport tcp start=49152 num=10000

also, I explicitly added port range reservation to the netsh stack via the command

netsh int ip add excludeportrange protocol=tcp startport=60000 numberofports=141 store=persistent

Still, the problem is still occasionally happening.

I read the extensive technical discussions on this website as well as on the MS Azure technet session about how Azure monitors the endpoints status (when part of a LB set) but this is not applicable in my case as FTP Passive transfers (retrieval and uploads) on random ports within the reserved FTP passive port range are generally working fine.

I can provide additional details if needed - in the meantime, I would be grateful for additional suggestions into troubleshooting / investigations on server and client side (pretty much sure the issue is not network or network configuration related).

I also would like to ask for additional troubleshooting / investigation suggestions / tips as to how debug winsock for possible server side sockets availability issues.