Knowledgebase: Pre-Sales
FileCatalyst Server and Client Port Configuration and Troubleshooting
Posted by Aly Essa, Last modified by Aly Essa on 03 November 2016 11:22 AM

Overview

After the installation of both client and server apps are complete, there may be transfer issues and/or connection issues. This may be a firewall and port issue.

If the following scenario sounds familiar, this article may be for you:

Scenario:


You have run through the installers on both the client and server side and have done what seems to be the required work (creating user accounts, added storage devices, etc) to initiate a file transfer. The file transfer fails. At this point you may have recognized that port 21 (assuming that the defaults are used) needs to get through your firewall and/or NAT, have made the administrative changes and tried again. It looks like a connection is now made, but the file transfer itself fails.

 

Both stages are symptomatic of firewall/NAT issues, and unfortunately, there's no way we can make things easier from the FileCatalyst application itself.  Before FileCatalyst can transfer files, some work needs to be done by the network administrator with regard to the ports, which need to be able to get through the firewall and forward properly in the NAT.

 

Environment

FileCatalyst Server v3.4 and later.

FileCatalyst HotFolder v3.4 and later.

FileCatalyst Express v3.4 and later.

 

Resolution

The following ports should be opened:

  • Port 21 for TCP.
    This is used as the communication channel. Port 21 is a default specified in the FileCatalyst Server and is not secure. You can change this as long as both FileCatalyst Server and Client Applications are using the same port.

  • Port 990 for TCP.
    This Port is secured over SSL and is also used as the communication channel. The default value of 990 can also be changed in the FileCatalyst Server Remote Admin Application.

  • Port range 8000-8999 for TCP and UDP.
    Some firewalls and NAT devices require setting up 2 separate rules and others allow you to specify TCP and UDP. These ports are used to transfer the Data to and from the FileCatalyst Server and is commonly referred to as the Data Channel.
     
  • Port 12400 for TCP.
    This is the Remote Admin Port. This port is exclusive to the FileCatalyst Server Remote Admin Application.

  • Port 12480 for TCP.
    The internal Web Server uses this port to broadcast all communications. The Admin Applet, Link and Servlet are hosted from this Web Server.
  • Enable Masquerade Address (if behind NAT device)
    The FileCatalyst Server itself now needs to know that it's working through a NAT device. To enable this:
    1. Open the Server Remote Admin Application.
    2. Select Advanced on the left-hand side.
    3. Check the box to Enable Masquerade Address.
    4. In the address field, enter the Public IP. This is not the IP of the machine running the FileCatalyst Server. If the network device acts as a gateway between your network and the public internet, you can find the public internet address quite easily by browsing from any machine to this site: http://whatismyip.com 
    5. Hit Apply.

 

 

Notes

  1. With regards to NAT, if you are behind any sort of device (ie a router) that forwards ports, these need to be configured as well. The exact same ports and protocols as the firewall need to be forwarded from the device to the machine that hosts the FileCatalyst Server.

  2. A few other troubleshooting notes:

    1. Check your processes and make sure you are not accidentally running multiple instances of FileCatalyst Server or the Server Remote Admin Application, which will conflict with each other. This also applies to the FileCatalyst Hotfolder and HotFolder Remote Admin Application.

    2. Make sure that another application is not trying to use the same ports. Most commonly, a pre-existing FTP server will already be bound to Port 21 and sometimes Port 22.

    3. Verify that an unexpected extra firewall or intrusion detection device is not in the way. Some organizations' IT departments have created security scenarios in which Windows (or other built-in) Firewalls are meant to be disabled. If these firewalls are inadvertently re-enabled, the Command Channel or Data Channel might get blocked.