active ftp vs passive ftp

if i have a server behind a firewall and i am doing one to one nat, do i setup active ftp or passive ftp?
LVL 5
Kylo RenSystem EngineerAsked:
Who is Participating?
 
Gajendra RathodConnect With a Mentor Sr. System AdministratorCommented:
Use active FTP when the ftp server is  behind a firewall, router, or NAT device.

Active mode   : secure FTP server

Passive mode : less configuration changes on the Client's side.
0
 
FrabbleConnect With a Mentor Commented:
The difference between active and passive is that active has the client return an IP address and port that the server connects to for the data transfer, while passive has the server respond with an IP address and port that the client connects to.

In hosting an FTP server I believe you should be able to support clients connecting in either mode, bearing in mind that some client side setups require them to use passive only.

For your side, it depends if your firewall has FTP support, either as an application layer gateway (ALG) or proxy, if it does, then using NAT shouldn't be a problem.
Otherwise, for active mode you just need to allow all outgoing connections and for passive mode you will want the server to give the public address to the client and use a set range of ports to listen on which are port mapped on the firewall to the server.
0
All Courses

From novice to tech pro — start learning today.