Filezilla client unable to get directory listing from a Windows Filezilla Server

Posted on 2014-02-04
Last Modified: 2014-02-04
I am connected from a Windows 7 workstation that has FTP Filezilla Client installed. I am connecting to a Windows Server 2003 via a Hardware Firewall VPN that has Filezilla Server installed. I am able to connect to the server but I am not able to see the directory listing of the folders. On the server the local windows firewall is not running so I am unsure what is at fault. I am able to commit to the FTP Folder, just not able to review the listing directory.
Question by:GenieMaster
LVL 17

Expert Comment

by:Kent Dyer
ID: 39832410
Reading this..  First immediate thought that comes to mind is permissions..  The other immediate thought is FTP and then SFTP..  What are the permissions?  What ports is the FTP/SFTP server working with?  Is it port 21 or port 22?  If it is port 22, do you have a valid ssl cert configured and setup?

Author Comment

ID: 39832538
The port the FTP server is listening on is Port 21

I have read something about that you may need to set it up in Passive Mode in order for it to work correctly but am unsure on how to set this up.

On Filezilla it says
"Use custom PASV settings if you are operating the server from behind a NAT router or a firewall. In that case, the IP address of the server is not accessible from outside of the router, so you should fill in the correct address here. Use the port range to limit the number of ports that will need to be forwarded through the router."
LVL 16

Accepted Solution

AlexPace earned 250 total points
ID: 39832812
The connection and user authentication happens on the port 21 control channel.  

To get a directory listing, the client sends the LIST verb on the control channel but then actually receives the listing on a data channel connection that is negotiated on an as needed basis by sending either the PORT or PASV command.

The PORT command is sent when the client wants an Active Mode data channel and obviously PASV for Passive Mode.

In Active Mode, your network security must be configured to allow the server to initiate an inbound connection back to the client machine.  If your client machine has a private address, for example in the 10.x.x.x or 192.168.x.x ranges, then your client either needs to send a public address or your firewall will need to snoop the control channel and replace the private address with a public address on the fly...  This used to be a high-end feature but these days consumer-grade NAT routers can do it.

In Passive Mode, your network security must be configured to allow your client machine to make an outbound connection to any port in the server's passive port range.  You don't know what port it will be until the server responds to the client's PASV request.

For either mode, the IP address and port number are represented as a set of six comma-separated numbers.  The first four numbers is the IP address.  The last 2 numbers represent the port number.  Sometimes you need to calculate the exact port for troubleshooting purposes... to do that multiply the 5th number by 256 and then add the value of the 6th number.  It will be a number higher than 1024 and less than 65536.  The administrator of the remote FTP server should be able to tell you their passive port range so you don't have to guess when you make your pinhole in the firewall.

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Moving SQl Server SBS 2003 to SQL Server 2014 27 137
RDP up only between 8am-13.00 pm ? 11 80
Bizarre hard disk problem 15 130
2003 Server DNS/FS errors 6 65
This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question