You need to open the same range on the firewall. Passive mode passes the listening port number to the client up the Control Session on port 21 so that the client opens a second connection in to the server on the given listening port. There is no point in the server opening a port, telling the client to connect to it, only for the firewall to block it.
FTP only uses TCP, so you need to open TCP ports 55536-56559.
*edit*
Quote:
If your firewall supports FTP connection tracking though, you should be fine only with the port 21
|
This also! Sounded like I was contradicting this, but I just didn't read it properly :-)