We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now


firefox and linux ftp cannot connect to vsftpd server.  It seems that vsftpd changes ports every time.

bisonfur37 asked
Medium Priority
Last Modified: 2012-06-27
I have found out that FTP can turn out to be a major pain and although I have found many postings regarding this subject, I have yet to find a clear answer.  That is why I am giving this question a bunch of points.  The issue can be summed up as follows:
1. unix ftp client has problem with vsftpd server
2. firefox(regardless of windows or linux) has problems with vsftpd server
3. IE has no problems with vsftpd server
4. IE has problems with vsftpd server only when it is routed through a linux machine acting as router/firewall/NAT

Below are the specifics to this problem.  I tried adding pasv_promiscuous=YES to vsftpd along with other settings but I still cannot connect using firefox or linux, besides, it works on IE. I believe the problem to be that every time I connect to the ftp server it seems to connect to a different port.  All of my linux machines are running a firewall so they are probably blocking the traffic although they are able to log in.
Every time I connect to vsftpd I get the line "(192,168,123,177,164,56)" with the last two numbers always changing.  Is there a way to have vsftpd connect on the same port every time?  What about the connect_from_port_20=YES option?  Any suggestions?

Network layout:

                                                 | Firewall PC (linux) ->     | Win2K pc
                                                 | Dell(XP)
Verizon DSL modem -> router ->      | ftp server (linux)
                                                 | HP(XP)
                                                 | wireless (router) ->      | fujitsu(XP)
                                                                               | dell(XP)

Firewall PC (acts as router with firewall and NAT)
  linux ftp:
    230 Login successful. Have fun.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> passive
    Passive mode off.
    ftp> ls
    200 PORT command successful. Consider using PASV.
    425 Failed to establish connection.
    425 failed to establish connection

Win2K pc (through Firewall PC)
    200 switching to ASCII mode
    500 illegal PORT command
    500 unknown command
  dos ftp
    500 Illegal PORT command
    425 Use PORT or PASV first.

  dos ftp
    works for uploads and downloads
    425 failed to establish connection

  IE (6.0.2800.1106xpsp2.030422-1633IC)
  dos ftp

dell(XP) through wireless router
  IE (6.0.2800.1106xpsp2.030422-1633IC)
  dos ftp

fujitsu(XP) through wireless router
  IE (6.0.2800.1106.xpclnt_qfe.021108-2107IC)
  dos ftp
    425 failed to establish connection
Watch Question

Top Expert 2005
Unlock this solution and get a sample of our free trial.
(No credit card required)


Good.  Thank you for the explanation.  Now I will look for a way to restrict the range of ports.  I'll close this answer soon and you definitely take most, if not all of the points.  Thank you.
Top Expert 2005

I just looked at the vsftpd docs and the config directives pasv_max_port & pasv_min_port allow the restriction of the ephemeral port range, see 'man vsftpd.conf'
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.


Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.