![]() ![]() Does anyone have any real world experience with the number of ports that I can allocate to this passive configuration, that will not be too small or too big? Thanks in advanced to all those that respond. ![]() I have googled for hours trying to find a best practices of the quantity of ftp passive ports to be used, but have not come back with anything conclusive. ![]() It uses an ephemeral port number as its sourceport in the TCP connection. I do not want to limit them too much, as some of the sessions might need to be left open for 2 hours because of large uploads/downloads. The server protocol interpreter (server-PI) listenson the special well-known TCP port reserved for FTP control connections: port 21.The user-PI initiates the connection by opening a TCP connection from the userdevice to the server on this port. When I look at my wireshark data I see that just in 60 seconds, that I have already used 2 - 4 passive ports. I have to take into consideration the total number of ftp instances allowed on the ftp server currently set to 30. To many, and it becomes a big hole in the firewall. Too few, and it will affect the quality of the ftp service. In the example below, we have the default ports 21 and 990 configured. ![]() At the next step, add the ports you set for FTP and FTPS. Create a New Rule and select Port as the type of rule. I am looking for some best practices as it pertains to the number of ftp passive ports to have left open on our firewall. To do this, open up up the Windows Firewall with Advanced Security application on your server and navigate to Inbound Rules. While I understand Active vs Passive FTP setups. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
June 2023
Categories |