Our Products:   CompleteFTP  edtFTPnet/Free  edtFTPnet/PRO  edtFTPj/Free  edtFTPj/PRO
0 votes
1.9k views
in FAQ: edtFTPnet/PRO by (120 points)
I am starting to get a timeout when trying to establish an sftp connection on one of our proxy servers:

 

INFO [LicenseProperties] 28 Nov 2017 11:19:08.545 :  Licence expiry date: 31/12/9999
INFO [LicenseProperties] 28 Nov 2017 11:19:08.546 :  Production license
DEBUG [ProxyConnector] 28 Nov 2017 11:19:08.549 :  ProxySettings: Http syd-proxy:8080 (ausaconsole,hanna)
DEBUG [HostNameResolver] 28 Nov 2017 11:19:08.550 :  Resolving syd-proxy
DEBUG [HostNameResolver] 28 Nov 2017 11:19:08.553 :  Obtained 1 addresses
DEBUG [HostNameResolver] 28 Nov 2017 11:19:08.553 :  IP address: xx.xx.xx.xx
DEBUG [HostNameResolver] 28 Nov 2017 11:19:08.553 :  syd-proxy resolved to xx.xx.xx.xx
DEBUG [SSHSCPClient] 28 Nov 2017 11:19:08.554 :  Connecting to proxy xx.xx.xx.xx:8080
INFO [BaseSocket] 28 Nov 2017 11:19:08.554 :  Connecting to xx.xx.xx.xx:8080 with timeout 120000 ms
DEBUG [BaseSocket] 28 Nov 2017 11:19:08.557 :  Successfully connected to xx.xx.xx.xx:8080
DEBUG [SSHSCPClient] 28 Nov 2017 11:19:08.557 :  Sending proxy connect request yy.yy.yy.yy:22
DEBUG [HttpHeader] 28 Nov 2017 11:19:08.559 :  SetHeaderField(Host,yy.yy.yy.yy:22)
DEBUG [HttpHeader] 28 Nov 2017 11:19:08.559 :  SetHeaderField(User-Agent,edtFTPnet)
DEBUG [HttpHeader] 28 Nov 2017 11:19:08.559 :  SetHeaderField(Pragma,no-cache)
DEBUG [HttpHeader] 28 Nov 2017 11:19:08.559 :  SetHeaderField(Proxy-Connection,keep-alive)
DEBUG [HttpHeader] 28 Nov 2017 11:19:08.561 :  Reading response
DEBUG [HttpHeader] 28 Nov 2017 11:19:10.907 :  ProcessResponse: 'HTTP/1.0 200 Connection established'
DEBUG [SSHConnection] 28 Nov 2017 11:19:10.908 :  Beginning protocol negotiation
ERROR [SSHConnection] 28 Nov 2017 11:21:10.990 :  Protocol negotiation timeout
ERROR [SSHFTPClient] 28 Nov 2017 11:21:10.990 :  Failed to connect - closing connection
ERROR [SSHFTPClient] 28 Nov 2017 11:21:10.990 :  EnterpriseDT.Net.Ftp.Ssh.SFTPException: Protocol negotiation timeout
ERROR [SSHFTPClient] 28 Nov 2017 11:21:10.990 :     at EnterpriseDT.Net.Ftp.Ssh.SSHFTPClient.Connect()

 

The above is all I get in the log,

 

If I try on our backup proxy, the call succeeds with this in the log:

 

DEBUG [SSHConnection] 28 Nov 2017 15:30:21.802 :  Beginning protocol negotiation
DEBUG [PlainSocket] 28 Nov 2017 15:30:22.170 : SSHSCPClient.1 RepeatCallback received 21 bytes
DEBUG [ProtocolNegotiationHandler] 28 Nov 2017 15:30:22.172 : SSHSCPClient.1 offset=0,length=21
INFO [ProtocolNegotiationHandler] 28 Nov 2017 15:30:22.172 : SSHSCPClient.1 Server version = 'SSH-2.0-OpenSSH_5.3'
DEBUG [SSHUtil] 28 Nov 2017 15:30:22.172 : SSHSCPClient.1 Major string = '2'
DEBUG [SSHUtil] 28 Nov 2017 15:30:22.173 : SSHSCPClient.1 Minor string = '0'
DEBUG [SSHUtil] 28 Nov 2017 15:30:22.173 : SSHSCPClient.1 Version 2.0
DEBUG [SSHUtil] 28 Nov 2017 15:30:22.173 : SSHSCPClient.1 Protocol compatible
DEBUG [SSHConnection] 28 Nov 2017 15:30:22.173 :  Server version=SSH-2.0-OpenSSH_5.3

 

Any ideas as to why the SSHConnection call would consistently timeout on the main proxy?

I note the next line on the successful call is for PlainSocket...would this be the issue on the failed call?

 

Thanks

1 Answer

0 votes
by (2.7k points)
I don't have any idea why it would time out, but if you have two functionally identical proxies that behaving differently then you should be in a great position to diagnose the problem.  Given that it happens so early in the connection and that the connection isn't yet encrypted, using Wireshark should be relatively easy.  I'd run Wireshark on each of the two proxy connections and look for differences.  If there's no difference between the two on the client-side then you can probably be fairly confident that the problem is on the server-side.  In that case I'd be looking at the logs of the proxy software to see if there's an error.

Another approach to use would be to use an interactive client such as FileZilla to see if it also experiences the error.
by (120 points)
thanks for the prompt response.
I have used FileZilla and the connections succeed on both proxies without issue, so I agree that it must be a server issue.
I'll try to get a server-side trace.
by (2.7k points)
If it works with FileZilla and not with edtFTPnet/PRO on one of the proxies then they must be behaving differently, so comparing the bytes sent by FileZilla with those sent by edfFTPnet/PRO would be interesting.
by (120 points)
A snippet of info I have gleaned:
"Newer SSH clients that sends the SSH protocol info first doesn?t have the issue.
Older SSH clients wait for the protocol to be sent from the proxy which seems to be having issues."
Is there a setting in edtFTPnet/PRO I can enable that sends the SSH protocol first, instead of waiting for the proxy?
...