Help - Search - Members - Calendar
Full Version: Ftp Server Behind Router Firewall
The Other Side forums - suitable for mature readers! > The Other Side forums > Tips and tricks
Sir Psycho Sexy
Not sure if there's a way around this but last year I used to have a ftp server for...things >_>

anyway, this year i want the same but because I'm behind a router it doesn't seem to be very happy with it, the best I've managed with it was someone logging on, but they couldn't switch off passive mode and I'll be buggered if there's anything I could do about it, so, any ideas? if you need more info I can find it
If you are running an FTP server make sure that both port 20 (data) and 21 (control) are open and forwarded to the machine running the FTP server, if this is already setup then keep reading.

You should be aware that NTL (and possibly some other providers) block the FTP data port but not the control port, this causes it to appear that the server works until it comes to transferring something when it all goes horribly wrong because it can't actually send or recieve anything over the data port (this is because all the login stuff happens through the control connection but when it comes to transferring files or directory listings a seperate data connection is used, clearly the only reason NTL don't block both is because they are bastards).
Passive mode FTP is designed for use when the client is behind a firewall with NAT, the client may confused into using passive mode because of NTLs blocking of the data port.

Since it's not usually possible to configure an FTP client to use non-standard ports the best way around this is to give up on FTP and use SCP/SFTP instead. SCP (secure copy) is similar to FTP but does everything over encrypted tunnels on port 22 (which is not usually blocked by ISPs). The SCP server comes with OpenSSH (which provides secure login shells and tunnels as well) and I believe windows versions are available here: A windows client is also available called WinSCP. SCP/SFTP have the added advantage that hackers/ISPs/whatever can't see what you are sending but the disadvantage that it's less common and slowed down slightly by the encryption, but at least it isn't blocked by NTL.
what moop said.

I had problems with NTL's port 20 blocking tactics... *shakes fist*

damn you wee NTL.
Sir Psycho Sexy
how odd....I never had that problem last year (with ntl) is it a new thing they've implimented?

I'll look into it, ta biggrin.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.