Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
AR336
#1
Correct answer is to configure to permit TCP ports higher than 1023.

Passive FTP is an FTP mode that can be requested by a client to alleviate the issues caused by client-side firewalls. Both the server and the client must support passive FTP for this process to work. When passive FTP is used, the client will initiate the connection to the server. This process is effective because most firewalls allow inbound traffic from sessions initiated by the client.   A passive FTP connection follows the following process:
  1. The client sends the PASV command to an FTP server on port 21. The source port is a random, high-numbered port. The destination port is 21.
  2. The server responds with the PORT command. The port command specifies a random, high-numbered (ephemeral) port that the client can connect to.
  3. The client initiates a connection to the server on this ephemeral port.
  4. The server responds with an ACK. The FTP session has now been established
 
Because the client initiates all connections, the client firewall will not block any traffic, as shown below:

https://documentation.meraki.com/MX/NAT_...%20is%2021.
Reply


Messages In This Thread
AR336 - by pc_evans - 02-24-2024, 09:38 PM
RE: AR336 - by help_desk - 02-25-2024, 08:03 AM

Forum Jump:


Users browsing this thread: 1 Guest(s)