Active vs passive ftp


In active FTP, the client first connects to the server on port 21. The client then sends the server a port number for data transfer. The server is expected to connect to that client-specified port from its own port 20. This is a problem if the client is behind NAT or behind a firewall that does not understand FTP.

In passive FTP, the client first connects to the server on port 21 and then requests a passive connection using the PASV command. The server replies with an IP address and two numbers in the form A,B,C,D,E,F. Here A.B.C.D is the IPv4 address to which the client is expected to connect for the passive transfer, and the port number for the transfer is E*256+F.

With passive FTP, the range of ports the server uses for passive transfers can typically be configured. For example, for Windows Server 2003 the ports can be set using the procedure explained at https://support.microsoft.com/en-in/help/555022
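The PASV decoding and the passive port range described above can be checked together when troubleshooting. The following is an added example, not part of the original page: the function names are hypothetical, the `227 Entering Passive Mode (...)` reply lines, addresses and the 50000-50100 range are constructed samples, and the comparison against the control-connection address is an assumed troubleshooting check.

```python
import ipaddress
import re

# Matches the six comma-separated numbers A,B,C,D,E,F in a PASV reply.
_PASV_RE = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def parse_pasv(reply):
    """Return (ip, port) from a '227 ...' PASV reply line."""
    if not reply.startswith("227"):
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    m = _PASV_RE.search(reply[3:])
    if m is None:
        raise ValueError("no A,B,C,D,E,F tuple in reply: %r" % reply)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range 0-255: %r" % nums)
    a, b, c, d, e, f = nums
    # A.B.C.D is the address, E*256+F is the data port.
    return "%d.%d.%d.%d" % (a, b, c, d), e * 256 + f


def check_pasv(reply, control_peer_ip, passive_range):
    """Parse a PASV reply and list reasons the data connection may fail."""
    ip, port = parse_pasv(reply)
    problems = []
    if ip != control_peer_ip:
        note = "advertised address %s differs from control peer %s" % (ip, control_peer_ip)
        if ipaddress.ip_address(ip).is_private:
            note += " (private address, server is probably behind NAT)"
        problems.append(note)
    low, high = passive_range
    if not low <= port <= high:
        problems.append("port %d is outside the passive range %d-%d" % (port, low, high))
    return ip, port, problems


if __name__ == "__main__":
    # Constructed sample replies, not captured from a real server.
    samples = [
        "227 Entering Passive Mode (203,0,113,10,195,80)",
        "227 Entering Passive Mode (192,168,1,10,4,1)",
    ]
    for line in samples:
        print(check_pasv(line, "203.0.113.10", (50000, 50100)))
```

An empty problem list means the advertised endpoint matches the control connection and falls inside the range opened on the firewall.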

Ideally, wherever possible, prefer the sftp subsystem on top of ssh for sharing files. The protocol is more secure and easier to configure. It also works better with firewalls and NAT than ftp does.
