AR336 - Printable Version

+- Forums (
+-- Forum: CCNP (
+--- Forum: CCNP ENARSI 300-410 Forum (
+--- Thread: AR336 (/thread-2277.html)

AR336 - pc_evans - 02-24-2024

Correct answer is to configure to permit TCP ports higher than 1023.

Passive FTP is an FTP mode that can be requested by a client to alleviate the issues caused by client-side firewalls. Both the server and the client must support passive FTP for this process to work. When passive FTP is used, the client will initiate the connection to the server. This process is effective because most firewalls allow inbound traffic from sessions initiated by the client.   A passive FTP connection follows the following process:
  1. The client sends the PASV command to an FTP server on port 21. The source port is a random, high-numbered port. The destination port is 21.
  2. The server responds with the PORT command. The port command specifies a random, high-numbered (ephemeral) port that the client can connect to.
  3. The client initiates a connection to the server on this ephemeral port.
  4. The server responds with an ACK. The FTP session has now been established
Because the client initiates all connections, the client firewall will not block any traffic, as shown below:,The%20destination%20port%20is%2021.

RE: AR336 - help_desk - 02-25-2024

The question has been corrected, thank you!