Typically, firewalls are configured to allow connections to be made on the standard ports. HTTP business is transacted on a single connection, and rarely encounters firewall problems.

However, in accordance with the FTP standards, each FTP file transfer or file listing is transacted on a separate connection, using higher-numbered ports that are assigned dynamically from a pool of currently-used ports. These ports are assigned by the underlying network software. Independent of the network software, a firewall may be configured to block access to higher-numbered ports. The symptom of firewall blockage with FTP is that the client can login to the server, and can accomplish certain management functions, but no file transfers or file listings can be done.

If the firewall is for the FTP server, then the Boolean property Passive should be False. If the firewall is on the client side, then Passive should be True. If there are firewalls on both sides, then some relaxation in the firewall constraints needs to be implemented if FTP is to be used.

Copyright © 2008 Catalyst Development Corporation. All rights reserved.