AdminID.kr (어드민아이디) - 기타 네트워크 - How to Set a Passive Port Range in Serv-U FTP Server

XpressEngine
How to Set a Passive Port Range in Serv-U FTP Server - KB Article #2100

Related Articles -- 1044, 2091

As you probably already know, FTP uses multiple connections on multiple portsto perform file transfers.

Many firewalls "understand" plan text FTP and can open/close the appropriate ports dynamically if you specifically configure "FTP" (rather than "TCP port 21") on firewall rules. However, when FTPSis used, the control channel the firewall would usually read is encrypted, so firewall technicians find they need to open up ranges of high inbound TCP ports to get FTPS to work in passivemode. (We do not recommend the use of active modeFTPS transfers; fortunately most clients that can do FTPS select passive mode transfers by default.)

To avoid ridiculous ranges (e.g., "allow TCP from all to ports 1024-65535"), specific ranges of inbound passive ports can be configured on both your FTP server andyour firewall. These instructions show how to configure a passive FTP port range on Serv-U. (Related instructions show how torequire the use of passive mode transfersin Serv-U.)

Instructions

1.Open your Serv-U Management Console and navigate to the "Server Settings" tab under "Server Limits & Settings". (Do not go to your Domain-level Limits & Settings.)

2.Scroll down until you see the "Network Settings" panel. Fill in a value for the "PASV Port Range". (We recommend starting with 50000-50009; you can use a narrower port range if you never hit simultaneous transfers; use a wider port range if you support more simultaneoustransfers.)

3.Click the "Save" button in the "Network Settings" panel.
4.To test, connect to Serv-U using an FTP clientthat is set up to use passive mode. Connect to the server from outside your firewall, attempt several directory listings and transfers, and make sure passive transfers work.

•Serv-U Firewall Rules
•Requiring Passive Transfers

Additional Notes

•Firewall rules that prohibit all outbound connections from Serv-U should also be implemented; no outbound connections are needed when passive mode FTP transfers are performed.
•These instructions also apply when Serv-U Gatewayis used to avoid deploying Serv-U in a DMZ segment.
•Alsoremember to require the use of passive modeon Serv-U.

출처 : http://www.serv-u.com/kb/2100/How-to-Set-a-Passive-Port-Range-in-ServU-FTP-Server

List of Articles
번호	제목	글쓴이	날짜	조회 수
76	Reverse DNS - 등록및 확인	JAESOO	2016.09.24	301
75	파일질라(filezilla) 디렉터리 목록 조회 실패	JAESOO	2016.07.01	323
74	시만텍(Symantec) 솔루션 적용 구성도	JAESOO	2015.06.20	540
73	[기술자료] 전용선	JAESOO	2015.04.17	374
72	전용회선의 종류	JAESOO	2015.04.17	307
71	[이도경 칼럼] 올해 인터넷전화 도입시 주의사항 10가지 2	JAESOO	2015.04.16	832
70	[이도경 칼럼] 올해 인터넷전화 도입시 주의사항 10가지 1	JAESOO	2015.04.16	359
»	How to Set a Passive Port Range in Serv-U FTP Server - KB Article #2100	JAESOO	2015.01.21	708
68	초고속 정보통신 건물 앰블럼 시험항목	JAESOO	2014.06.27	1451
67	Digital 통신용 UTP 케이블의 종류와 특성	JAESOO	2014.06.27	1728
66	디지털 통신용 UTP Cable의 종류와 특성 이해	JAESOO	2014.06.27	1819
65	통신 네트워크 관련용어정리 (기본 통신네트워크, 데이터통신 네트워크, 영상통신 네트워크)	JAESOO	2014.06.27	17822
64	전기 연선의 굵기(SQ), 가닥(C), 단위 읽는 방법과 해석	JaeSoo	2013.12.20	6808
63	일반형 항온항습기와 일체형 항온항습기 비교	JaeSoo	2013.12.19	2501
62	IP 대역 계산	JaeSoo	2013.11.27	4284
61	회선비, 상면비	JaeSoo	2013.10.24	2912
60	코로케이션(Co-location)이란?	JaeSoo	2013.10.24	2070
59	데이터 센터에 대한 일반 상식	JaeSoo	2013.10.24	2357
58	텐센트 10TB 무료 대용량 클라우드 서비스 모바일 APP/PC 클라이언트 한글화 배포(PC버전 추가)	JaeSoo	2013.09.28	4552
57	인터넷속도측정 10초면 가능 인터넷속도 체크해보세요	JaeSoo	2013.09.11	5185

글쓴이

Reverse DNS - 등록및 확인

2016.09.24

301

파일질라(filezilla) 디렉터리 목록 조회 실패

JAESOO

2016.07.01