How to differentiate between File Transfer Protocol active mode and passive mode?

FTP (File Transfer Protocol) is a common protocol for transferring files. Many companies build FTP servers to provide file download services. FTP has two transfer modes. FTP differs from other services in that it uses two ports: a data port and a command port (also called the control port). Usually, port 21 is the command port and port 20 is the data port. Once active and passive modes are taken into account, however, the data port may not be 20.


Active Mode

How active mode works: the FTP client uses port N (N>1023) to connect to port 21 of the FTP server and sends a user name and password to log in. After a successful login, to list or read data, the client opens port N+1 and sends the PORT command to the FTP server, telling the server that the client is using active mode and which port it has opened. After receiving the PORT command and port number, the FTP server connects from its port 20 to the client's open port to send data.

Passive Mode

How passive mode works: the FTP client uses port N (N>1023) to connect to port 21 of the FTP server and sends a user name and password to log in. After a successful login, to list or read data, the client sends a PASV command to the FTP server. The server opens a port locally (above 1024) and tells the client which port it opened. The client then connects from port N+1 to the server's open port for data transmission.

Active Mode vs. Passive Mode

The difference between the two lies in who establishes the data connection. In active mode the initiator is the server, which connects from port 20 to the client's port N+1; in passive mode the initiator is the client, which uses port N+1 to connect to a high-numbered port on the server.

Differences in Network Settings

Scenario: the FTP client and server are on different networks, with a firewall between the two networks. For active mode, the client's FTP software sets the port range it opens, and the corresponding port range can be opened on the client's firewall. A common problem: only port 21 is opened on the server side, and no port is opened on the client machine. When the FTP client connects in passive mode, the client can log in successfully but cannot list or read data, because the random port used in passive mode is not open on the server side.

In passive mode, the ports the server opens are random, but the firewall must not be fully open. The solution is to restrict passive mode to a range of high ports in the FTP server configuration (the range is set in the FTP server software's settings; you can choose any port range above 1024), and then add firewall rules that open the corresponding ports on the server side.
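Both the PORT command and the server's reply to PASV carry the data endpoint as six comma-separated decimal bytes (h1,h2,h3,h4,p1,p2, as defined in RFC 959), so the port a firewall has to admit can be read directly from the control channel. The following Python is an added example, not part of the original article; the passive range 50000-50100, the function names and the sample lines are constructed assumptions.

```python
import re

# Passive port range set in the FTP server config and opened on the firewall.
# Constructed value for this example; substitute the range from your own server.
PASV_RANGE = (50000, 50100)

# RFC 959 encodes a data endpoint as six decimal bytes: h1,h2,h3,h4,p1,p2
ENDPOINT = re.compile(
    r"(?<!\d)(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})(?!\d)")


def decode_endpoint(line):
    """Return (ip, port) from a PORT command or a 227 PASV reply."""
    m = ENDPOINT.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in %r" % line)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field outside 0-255 in %r" % line)
    # port = p1 * 256 + p2
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]


def classify(line, pasv_range=PASV_RANGE):
    """Describe the data connection that a control-channel line sets up."""
    verb = (line.split() or [""])[0].upper()
    if verb not in ("PORT", "227"):
        raise ValueError("not a PORT command or 227 reply: %r" % line)
    ip, port = decode_endpoint(line)
    if verb == "PORT":
        # Active mode: the server connects from port 20 to the client's port.
        return {"mode": "active", "initiator": "server", "listener": (ip, port),
                "firewall": "client side must accept inbound tcp/%d" % port}
    # Passive mode: the client connects to the port the server announced.
    return {"mode": "passive", "initiator": "client", "listener": (ip, port),
            "in_allowed_range": pasv_range[0] <= port <= pasv_range[1],
            "firewall": "server side must accept inbound tcp/%d" % port}


# Constructed control-channel lines using documentation addresses.
SAMPLES = [
    "PORT 192,0,2,10,195,81",
    "227 Entering Passive Mode (198,51,100,5,195,100)",
    "227 Entering Passive Mode (198,51,100,5,234,96)",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", classify(sample))
```

A 227 reply whose port falls outside the configured range, like the third sample, reproduces the symptom described above: login succeeds, but listing and reading data fail at the firewall.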
