Bobcares
Client Area
Emergency Support
FTP | Latest | Server Management

ProFTPD passive ports – Here is the easy way to configure it

by | Nov 29, 2019

Thinking how to enable ProFTPD passive ports? Here’s how we do it.

Enabling passive ports helps establish remote connections.

At Bobcares, we often get requests to enable passive ports, as a part of our Server Management Services.

Today, we will have a look at how our Support Engineers enable ProFTPD passive ports.

 

Why do we configure passive ports for ProFTPD?

Usually, an FTP service uses two ports, a data port, and a control port.

In the active mode, the client establishes the control channel. And the server establishes a data channel. This can be a problem if, the client machine is firewall-protected which denies requests from external connections.

Whereas, in passive mode, the client establishes both the channels. Here, the client requests the server to listen on a port. And the server returns the port number to the client. So the client connects to it. Finally, it creates the data channel and continues.

So, we configure additional port range so that ProFTPD service can run in passive mode.

 

How we configure ProFTPD passive ports?

Our customers often approach us to configure passive ports for ProFTPD. Let’s see how our Support Engineers do this.

Initially, we connect to the server and check for any already configured passive ports.

If there are no passive ports configured, we do it for them. For this, we create a local config file in the ProFTPD folder.

touch /etc/proftpd.d/local.conf

Later, we open this file and add the passive port range,

<Global>
PassivePorts 49152 65535
</Global>

In most cases, we use the IANA registered port range.

Then we save the changes.

We also enable the required kernel modules. For instance, we enable the nf_conntrack_ftp module, using the command,

/sbin/modprobe nf_conntrack_ftp

If the server uses NAT, then additionally, we need to enable, nf_nat_ftp module.

Then we add the following rule in iptables config file /etc/sysconfig/iptables-config,

IPTABLES_MODULES="nf_conntrack_ftp ip_nat_ftp"

Most importantly, we also ensure to open the passive port in the server firewall. Otherwise, the firewall blocks the external connection from the client. We add the iptables rule as follows,

Firewall rules to open proftpd passive ports.

Thus we configure passive port range in ProFTPD.

 

Error after enabling ProFTPD passive ports

Sometimes, ProFTPD will not work in passive mode. Our Support Engineers fix this error of our customers.

In this case, we check if the active mode is working or not. If this is working correctly then it is quite simple to fix this error.

The error shows up because of the firewall restriction over the passive ports. So, we edit the iptables config file. Firstly, we open the file.

nano /etc/sysconfig/iptables-config

Then we add the following line,

IPTABLES_MODULES="ip_conntrack_ftp ip_nat_ftp"

Later we restart the iptables service.

service iptables restart

 

[Still having trouble in configuring passive port range? – We’ll help you.]

 

Conclusion

So far, we saw how to configure ProFTPD passive ports. Also, we saw how our Support Engineers fixed a related error.

Related posts:

  1. Proftpd permission denied : How to resolve?
  2. Proftpd connection refused – Let’s see how we easily patched it
  3. ProFTPD create user : How to add a new user?
  4. Pure-ftpd 530 login authentication failed on Directadmin – Let’s fix it

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

2 Comments

  1. prasanth reddy ummadi
    prasanth reddy ummadi on 2022-12-28 at 15:58

    Hi Bobcares team,

    we are using proftpd as a ftp server. we enabled passiveports. we are able to access ftp server from office network. but when tried to access the ftp server from outside network we are seeing below exception.
    ftp> ls
    421 Service not available, remote server has closed connection
    we run passive command and run ls. we are not seeing any output. cursor is in hang.
    could you please let us know how to overcome the issue.

    Reply
    • Hiba Razak
      Hiba Razak on 2022-12-28 at 16:05

      Hi Prasanth,
      Our experts can help you with the issue.we will be happy to talk to you through our live chat(click on the icon at right-bottom).

      Reply

Submit a Comment

Your email address will not be published. Required fields are marked *

server management

Spend time on your business, not on your servers.

TALK TO US

Or click here to learn more.

Related Articles

  1. Proftpd permission denied : How to resolve?
  2. Proftpd connection refused – Let’s see how we easily patched it
  3. ProFTPD create user : How to add a new user?
  4. Pure-ftpd 530 login authentication failed on Directadmin – Let’s fix it

Never again lose customers to poor
server speed! Let us help you.

GET STARTED

Privacy Preference Center

Consent Management

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience.

Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer.

Privacy Policy

Required
By using this site, you agree to our Privacy Policy.

Necessary

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

PHPSESSID - Preserves user session state across page requests.

gdpr[consent_types] - Used to store user consents.

gdpr[allowed_cookies] - Used to store user allowed cookies.

Cookies Used

Required
PHPSESSID, gdpr[consent_types], gdpr[allowed_cookies]

livechat.bobcares.com

Opt Out
PHPSESSID

my.bobcares.com

Opt Out
WHMCSpKDlPzh2chML

Statistics

Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.

_ga - Preserves user session state across page requests.

_gat - Used by Google Analytics to throttle request rate

_gid - Registers a unique ID that is used to generate statistical data on how you use the website.

smartlookCookie - Used to collect user device and location information of the site visitors to improve the websites User Experience.

Cookies Used

_ga, _gat, _gid

google.com

Opt Out
_ga, _gat, _gid

manager.smartlook.com

Opt Out
smartlookCookie

clarity.microsoft.com

Opt Out
_clck, _clsk, CLID, ANONCHK, MR, MUID, SM

Marketing

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

IDE - Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

test_cookie - Used to check if the user's browser supports cookies.

1P_JAR - Google cookie. These cookies are used to collect website statistics and track conversion rates.

NID - Registers a unique ID that identifies a returning user's device. The ID is used for serving ads that are most relevant to the user.

DV - Google ad personalisation

_reb2bgeo - The visitor's geographical location

_reb2bloaded - Whether or not the script loaded for the visitor

_reb2bref - The referring URL for the visit

_reb2bsessionID - The visitor's RB2B session ID

_reb2buid - The visitor's RB2B user ID

Cookies Used

IDE, test_cookie, 1P_JAR, NID, DV, NID

doubleclick.net

Opt Out
IDE, test_cookie

google.co.in

Opt Out
1P_JAR, NID, DV

google.com

Opt Out
NID

olark.com

Opt Out
hblid

rb2b.com

Opt Out
_reb2bgeo, _reb2bloaded, _reb2bref, _reb2bsessionID, _reb2buid

Security

These are essential site cookies, used by the google reCAPTCHA. These cookies use an unique identifier to verify if a visitor is human or a bot.

Cookies Used

SID, APISID, HSID, NID, PREF

google.com

Opt Out
SID, APISID, HSID, NID, PREF