Submit a ticketCall us

Announcing NCM 7.7
With NCM 7.7, you can examine the rules that make up an access control list for a Cisco ASA device. Then you can apply filters to display only rules that meet the specified criteria, order the rules by line number or by the hit count, and much more.
See new features and improvements.

Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > FTP Client and FTP Server display a different PASV response when using Windows Firewall

FTP Client and FTP Server display a different PASV response when using Windows Firewall

Updated May 5, 2017

Overview

There are cases where the Windows Firewall changes the outbound passive (PASV) mode response from Serv-U to an FTP client. The Serv-U log shows the proper PASV port specified under Server > Settings > Advanced. The client's log, however, indicates a different port. 

Use the following formula to calculate the PASV port:

Note: The port is specified in the last two numbers in a PASV response.

((The second to the last set of numbers x 256) + port number)

 

For example:

227 Entering Passive Mode (127,0,0,1,195,80).

((195 x 256) + 80) =50,000

 

Environment

All Serv-U versions

Cause

The issue is caused by the default FTP Server rule included in the firewall for port 21, which is designed for the Windows FTP service.

Resolution

  1. Open the Windows Firewall configuration page through Control Panel > Windows Firewall.
  2. Click Advanced.
  3. Click Network Connection Settings > Settings.
  4. Highlight the appropriate network interface. If more than one shows in the list, select the network interface first.
  5. Clear the FTP Server option from the Services list.

The Windows Firewall should no longer modify Serv-U's PASV response. 

 

 

 

Last modified
20:38, 4 May 2017

Tags

Classifications

Public