Jump to content

Recommended Posts

hi all,

 

Retrospect uses 'active' FTP for backups. here is an excellent read on active FTP (passive is discussed too, but Retrospect doesn't do that):

 

http://slacksite.com/other/ftp.html#active

 

here is the KB article on FTP backup sets, it's also pretty thourough:

 

http://kb.dantz.com/article.asp?article=5759&p=2

 

short answer, you'll want port 21 open.

Link to comment
Share on other sites

Quote:

why does Dantz support non existant?

 


 

I don't know. Is "non existant" some product that they sell? I suppose if it is, then they would provide support for it just as they provide support for all their products.

 

Or perhaps the above is a typographical mistake, and you intended to ask "why is Dantz support non existant"?

 

To that, the short answer would be:

 

It isn't.

 

Dantz provides technical support for the products that they sell. They have a technical support department that is staffed by people who are employed for the purposes of providing that support.

 

Dantz techincal support was free of charge about four years ago, but at that time they started charging $75 per incident (not per call, per problem). At the same time, they set up this web forum as a community exchange, which is visited by some of the tech support folks (presumably when they are not busy on other incidents).

 

Of the three subjects you've brough up since your first post in September 1994, you have received a reply from NateW each time (and this time from Waltr too).

 

If you want faster, more personal attention, call Customer Support and purchase it.

 

Dave

Link to comment
Share on other sites

hi wolf,

 

Quote:

21 is open

 


 

how do you know this? you don't supply any evidence that it is open other than that you've seen it in the firewall config. since you can't use the ftp option in Retrospect with the firewall on, have you tested with another ftp product? remember you will have to use 'active' ftp as i pointed out above.

 

you may want to try some troubleshooting at this point to address the problem. as dave points out, you could also call EMC tech support since you are having such trouble.

 

remember that people on the forum need as complete a description as you can provide. we don't know you, and we aren't looking over your shoulder, so don't leave any descriptive elements out of your post. list all troubleshooting steps you've tried, or our conclusion will be that you have not done any.

Link to comment
Share on other sites

Quote:

Firewall on, don't work

Firewall off, does work

 


 

that really should tell you all you need to know right there. however, i'd be interested in whether you've tried Fetch in 'active' mode as well.

 

who uses Fetch anymore? isn't it a classic app? i thought they called it 'Transmit' these days or something.

Link to comment
Share on other sites

Quote:

who uses Fetch anymore?

 


Me, for one, and lots of other people. It's very nice.

Quote:

isn't it a classic app?

 


No, you are clearly misinformed. See: http://fetchsoftworks.com/. Older versions of the program run in the "Classic" environment, but the current version is Mac OS X only, and is still being maintained. Very nice.

 

Russ

Link to comment
Share on other sites

If you don't know the answer why do you post? I am not the only person in the world trying to back up to ftp with mac osx.

 

active or passive retrospect does NOT work with the firewall on? it would be nice if someone could explain why? I do not feel like wasting $69 for an obvious bug on Dantzs' part.

 

Fetch works fine with passive checked or passive unchecked.

 

once again 21 is open

497 is open

 

Firewall on, don't work

Firewall off, does work

Link to comment
Share on other sites

thanks russ,

 

i downloaded Fetch and gave it a test. it did connect between two Mac's with the firewall with the 'passive' preference unchecked. i tried this against a Filezilla FTP server because that FTP server has excellent logging. it shows the connection attempts to use active, but reverts to passive, which tells me Fetch is not a good program to troubleshoot this with.

 

as i noted above, Retrospect will _not_ use passive FTP. there is no way around this.

 

i'm researching some stuff on the Apple Firewall, IPFW (actually the BSD firewall). i won't promise anything and i don't know what i'll find, but that is definitely where the problem lies.

Link to comment
Share on other sites

hi wolf,

 

so i really searched & i've come up with a bit of arcana that should fix the problem. you need to add a firewall exception to the Macintosh that you are running Retrospect on, but there is no way to do this from the Finder. from the terminal you need to become root, then you can enter this command:

 

'ipfw add 00200 allow tcp from XXX.XXX.XXX.XXX 20 to any'

 

you can use 'ipfw show' to see that the rule is in place. a few notes:

 

1) the number 00200 is the rule number in the ipfw program. i've chosen a number that is not used by default, but caveat emptor.

2) XXX.XXX.XXX.XXX is the ip address of the FTP server you are trying to connect to.

 

there may be a way to loosen up the rules a bit, i'm not going into this any further. i leave that to the reader.

 

to do this from a GUI, you could probably do it pretty easily from OS X Server (although i'll also leave that to the reader), or in OS X Desktop you could try 'Flying Butress':

 

http://personalpages.tds.net/~brian_hill/brickhouse.html

 

which was formerly known as 'Brickhouse'. this is not an endorsement of that product, but just a suggestion for further research.

 

the problem is definitely not in Retrospect, it is in the firewall and GUI config for the firewall on OS X.

 

as an aside, you could post a feature request for 'Passive FTP' in the feature requests forum. i'd second that.

Link to comment
Share on other sites

Quote:

If you don't know the answer why do you post?

 


 

 

 

Because this is a Community Forum, where Retrospect users get together to help other Retrospect users.

 

 

 

Some posts may be requests for more information, some may be definitive answers, while others may just be comments.

 

 

 

It sounds as if WaltR has figured out the problem, and the results of his research will probably be something others will benefit from in the future.

 

 

 

Thanks, Walt.

 

 

 

Dave

Link to comment
Share on other sites

Quote:

I do not feel like wasting $69 for an obvious bug on Dantzs' part.

 


Sorry, but it's not a Retrospect bug. Retrospect just does not do passive FTP, and it's not a dessert topping, either. As your test shows, it's simply an issue with how you have your firewall rules set up:

Quote:

Firewall on, don't work

Firewall off, does work

 


I suggest that you follow up on waltr's suggestion as to how you might change your firewall configuration. Are you aware that FTP is an inherently-insecure protocol, and sends the FTP login/password "in the clear"? It might also be better to isolate your computer from the internet with a simple router/firewall appliance rather than using ipfw, so that you could leave ipfw turned off.

 

Russ

Link to comment
Share on other sites

Quote:

No, I solved my own problem

 


 

umm, not really. you just took the good advice given. if you hadn't let your attitude get in the way, you probably could have solved this a lot earlier.

 

Quote:

There is a range of ports that must be open to do active.

 


 

yes, this is true. in my solution i used any. i know this is a hard concept, but any = a whole range of ports

 

Quote:

I won't post the answer, let some loser pay Dantz there $69 next time.

 


 

i really don't think you understand the answer well enough to post it. i think you had a friend read my post and do it for you.

 

by the way, coming on the board and calling Dantz customers 'losers' isn't going to engender you to anyone on the board.

Link to comment
Share on other sites

Quote:

No, I solved my own problem as this forum AND Dantz' attitude towards the customer is useless.

 

There is a range of ports that must be open to do active. I won't post the answer, let some loser pay Dantz there $69 next time.

 


Sigh. No good deed goes unpunished. You came to this forum looking for assistance, several people took the time to point you in the right direction to fix your firewall's misconfiguration, and you return that help with scorn. Have a great day, glad your setup is now working.

 

Russ

Link to comment
Share on other sites

  • 5 months later...

Thank waltr. You suggestion worked for me. Your good deed should not go unrecognized .

 

I have been attempting to ftp (Internet) backup to a Buffalo TeraServer without success. Also, Internet backups failed after I upgraded my Mac to 10.4.x from 10.3.latest. I didn't know why. Now I do. It appears that something is wrong with the manner in which Mac OS X Tiger implements Firewalls.

 

Thanks again. This tip should be rolled into a Knowledge Base entry.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...