[SOLVED] open the port range for FTP passive transfer

ccc · 09-29-2013, 03:29 PM

hi

Which TCP or UDP ports do I need to open for FTP Server behind firewall (Passive Mode)?

On the NAS FTP server I have these ports enabled:

Port: 21
Passive ports: 55536-56559

I hope there are TCP ports and no any UDP ports needed for FTP passive mode.

acid_kewpie · 09-30-2013, 02:38 AM

they certainly all TCP though, if that's all you needed to know.

If your firewall supports FTP connection tracking though, you should be fine only with the port 21 connectivity as it will may automatically pick out the other ports from the control data.

baldy3105 · 09-30-2013, 01:16 PM

You need to open the same range on the firewall. Passive mode passes the listening port number to the client up the Control Session on port 21 so that the client opens a second connection in to the server on the given listening port. There is no point in the server opening a port, telling the client to connect to it, only for the firewall to block it.

FTP only uses TCP, so you need to open TCP ports 55536-56559.

*edit*

Quote:

If your firewall supports FTP connection tracking though, you should be fine only with the port 21

This also! Sounded like I was contradicting this, but I just didn't read it properly :-)

ccc · 10-01-2013, 04:03 PM