Unable to connect to SFTP endpoint - VisualCron - Forum

Community forum

Epworth
2023-01-23T04:08:11Z
Hi all,

I'm trying to setup a SFTP job with public key encryption using VisualCron 9.9.8 . But everytime I test the connection, i receive a connection time out error. I've had a chat with our infra team and they have advised that the traffic is enabled from our client to the external endpoint. Can someone please assist with this?

This is the error I receive when trying to connect via Connection Explorer:

SBSocket.EElSocketError: Connection timeout
at SBSocketClient.TElBaseSocketClient.DoMessageLoop(Boolean NoPeek)
at SBSimpleSftp.TElSimpleSFTPClient.Open()
at KMCPMLJEEGDBHLIJENNBEMANBKDFBCJONOKB.OCHLGMNAHFPMFFMCCEGDNFOLGPFBABHFGOFM(Object , KMCPMLJEEGDBHLIJENNBEMANBKDFBCJONOKB )
at ctlRemoteBrowser.ConnectThread(Object connectionObject) in C:\git\code\VisualCron\Connections\ConnectionExplorer\ctlRemoteBrowser.vb:line 1605



Please note that I can connect to the SFTP endpoint via WinSCP.
Sponsor
Forum information
SickPup404
2023-01-25T16:20:04Z
I use an SFTP task in several of my jobs, and use WinSCP as well. Not sure if any of this will help, but here's what I would check (sorry if some is obvious).

In the SSH Keys Global Object
  • Make sure you have the correct key pair imported (especially when changing between test/prod servers)
  • Verify key fingerprints
  • The PPK file should be the same file you use in WinSCP


In the Connection Global Object for the SFTP connection
  • Verify your protocol is set for SFTP in the Common Settings tab
  • Verify the Server Address (blah.server.name.com) and Port (22) in the Connection Settings/Main Settings tab, Server section
  • Verify the Authentication Type, User Name, and the correct private key is selected in the Connection Settings/Main Settings tab, Credentials section
  • For my connection, I did NOT need to change anything from the defaults on any other tab which you might (proxy, etc)
  • Go back to the Common Settings tab and click "Test"


Other
  • Ask your network team to verify f/w rules for traffic permission
  • Ask the owner of the external server to verify f/w rules on their end as well (extra effort here as you may have a similar problem I did since we use an egress endpoint that NAT'd the VC server address we gave the vendor)
  • Ask network teams on BOTH ends to monitor live logs for packet refusals when you make an attempted connection (this is where we found out about the egress point IP translation)


Hope this helps!
[EDIT - Sorry, preview made me lose most of the post.]
Scroll to Top