I have FTP
active mode enabled on my firewall. Due to port failure errors I need to
switch over to FTP PASSIVE transfer mode. I need help configuring FTP
Passive mode. I've looked all over the Phoneboy.com site but came across
pages concerning the difference between Active and Passive mode but nothing
about actually enabling Passive mode ftp.
I already have
FTP control Port (21) open both coming in and going out of my FTP server.
I'm wondering about the data connection port.
Do I need to
remove the FTP data service (20) that was originally configured for Active
FTP transfers ?
In the list of
services, I see a service called FTP-PASV. Do I have to allow this service
both coming into my FTP server and going out of my FTP server
?
i.e. should my
rulebase look like this ?
Source
Destination
Service
Action
FTPserver
Any
FTP-Passive Allow
Any
FTPserver
FTP-PAssive Allow
In Policy -
Properties - Services tab - I have the Enable FTP_PORT DAta Connections and
Enable FTP_PASV Data connections options already
checked.
Please
advise.
Thanks.
RB