Using ftp in iad03
3:06 PMUsing FTP in IAD03
You requested Networking to open ports 20 and 21. FTP connections using Active Mode work fine but Passive mode isn't working. Symptoms include being able to authenticate but trying to do a directory listing or upload/download a file fail, logging the person out.You need to configure the FTP daemon software to use a high port range for Passive mode transfers. Start at port 1025 and go from there (32768 is good.) The firewall, generally, won't let you make connections from a low numbered port.
Also, do NOT configure the FTP daemon to hand out the public IP address associated with the FTP server. By this, I mean, your FTP daemon software may allow you to specify an IP address for use in general or specifically for Passive mode. You don't need to set this. When the PORT command is sent, the load balancers will intercept it and substitute the proper VIP address. If you do set an explicit IP address, the load balancers will assume it is a forged PORT command and drop the session entirely.
If the wiki allowed for file uploading, I could show you an example using the Filezilla FTP Server software, but....
Here are two references on Active mode and Passive mode FTP:
FTP from Wikipedia
FTP and firewalls from NcFTP
0 comments