Port conflict - remote access and passive ftp - other than active ftp, any other solution?

Posted on 2007-12-07
Last Modified: 2013-11-29

I'm running the latest MS Small Business Server, with 2 workstations and an FTP server for client art files.

I work via remote access from a site 50 kms away from the office, taking over one of the office machines. We have had to use ACTIVE rather than PASSIVE ftp connections. Unfortunately, there is a port conflict between remote terminal access and passive ftp, ie. the range of open ports required for passive ftp connections conflicts with the port required for remote access.

I provide PC clients with a preconfigured FTP client program for PC (WSFTP). At least 50% of clients contact us to say the FTP server isn't working. It *is* working of course, but we have to take them through how to use the preconfigured client program, despite the detailed notes we provide. Argh.

Is there any way to get PASSIVE FTP and REMOTE access working together? Any help would MOST greatly appreciated.

Kind Regards

Scott Wilson

Question by:thewillo
  • 2
  • 2
LVL 22

Expert Comment

ID: 20426978
Did you try to connect using VPN connection?

LVL 57

Expert Comment

ID: 20430501
There should be no port conflict between RDC and passive FTP.  What leads you to this conclusion?

Passive FTP's data connection port range is anything above 1024, that is port numbers 1024 - 65535.  Even though RDC uses a port with that range, the way passive FTP (actually the way requesting a TCP port number) there would be no conflict.

Author Comment

ID: 20432270
Hi Dan - VPN is no good. Access speed way too slow.

Hi Giltjr - OK. I'm intrigued here. The system has been set up by an external IT guy who has been rock solid so far with all aspects of the installation. He mentioned that Active FTP was necessary due to the port conflict and I simply accepted that. What are your thoughts here? Are there security issues to consider using passive ftp and remote access together? My understanding was that it simply didnt work.

Have you actually set up a SBS network with passive ftp and remote access? How did you configure it? Look forward to your response.
LVL 57

Accepted Solution

giltjr earned 500 total points
ID: 20432820
There is no special configuration needed.  Windows Terminal Server listens on port 3389 by default.

When using passive ftp the server will open a TCP socket (port) for the data transfer session, it does not request a specific port, it requests any port that is numbered above 1023.  TCP keeps track of all open ports and will not open one that is already in use, since TS uses port 3389, TCP will never let the ftp server use this port.  So no conflict.

Depending on what firewall you use, there could be some security issues when using passive ftp.   If your firewall does not inspect ftp command/control sessions, then you must configure the firewall to allow all inbound request to your ftp server where the source and desitnation ports are above 1023.  This is not considered secure.  If your firewall inspects ftp command/control sessions, then it will dynamically create the rules to allow the data transfer connections through.  However most companies configure their firewalls not to allow active ftp.

Author Closing Comment

ID: 31413359
Thanks, and sorry for slow response. We followed your advice and sure enough there is no conflict. Passive FTP and remote access now working together. You have solved a major problem in the business here.. Many thanks :)

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
Understanding FTPS File transfer is a common requirement in most Enterprises. While there are numerous ways to get a file from Point A to Point B over a network, perhaps the most common method still in use is FTP – File Transfer Protocol. FTP is …
Viewers will learn how to properly install and use Secure Shell (SSH) to work on projects or homework remotely. Download Secure Shell: Follow basic installation instructions: Open Secure Shell and use "Quick Connect" to enter credentials includi…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question