FTP Transfer Very Slow When Windows Firewall Enabled
We have a scheduled task that transfers a large file (~130 MB) between two Windows servers using the Windows command-line FTP program. It's painfully slow (taking about 30 minutes) and occasionally terminates before the transfer has completed. The servers are 2003 (sending) and 2008 (receiving).
If I transfer the file manually, using FileZilla's GUI, it runs considerably faster and is done in a couple of minutes. I can't use this approach though, because we want this to run automatically and FileZilla can't be scripted.
I've also noticed, when I disable the Windows 2003 Firewall, command line FTP is suddenly much faster, and reaches the same speed as FileZilla.
So, it seems I have a workaround in disabling/enabling the firewall before and after the transfer. But after Googling extensively, this doesn't seem to be a common problem, and I get the feeling something is configured wrongly somewhere.
Can anyone shed any light on why disabling the firewall improves the speed so dramatically? And why FileZilla is faster than command-line FTP (when the Firewall is enabled)?
Solution 1:
ICMP is an Internet host requirement. Sometimes admins block all ICMP because they "heard somewhere it was a security risk". But ICMP is not optional and TCP relies on it. (At a minimum, 'fragmentation required' must be permitted.)
Solution 2:
-
you need to know what is blocking first. Download Process Monitor from Sysinternals (Microsoft).
-
In that program, select only "show network activities" (a button on the bar on the upper left)
-
check the packets and find the FTP ones.
server1.domain.com:12345 -> server2.domain.com:21 -
righ click on the name of the process and select include to add the process that is running the ftp.
-
test the ftp tranfer with the firewall and without it.
-
compare both data. it should be a port blocked by the firewall. you should open that port between both PCs.