J. Echter wrote on Thu, Feb 11 2016 at 1:25 pm: > But, i cant use it as i get errors like 'no data', error 227 'entering > passive mode' and so on.
So the FTP client is in your location and the FTP server is somewhere on the Internet? We've not had any issues with that under pfSense 2.x, and specifically 2.2.x for Kevin. I looked at the link he posted and I'm guessing you are hitting this: "Passive mode on the client will require access to random/high ports outbound, which could run afoul of a strict outbound ruleset. Environments with a security policy that requires strict outbound firewall rules likely would not be using FTP anyhow, as it transmits credentials without encryption." In other words if you are allowing port 21 outbound but blocking outbound ports over 1000, that would allow the initial connection and then fail on the data connection(s). The FTP server would tell the client what port to use for the data connection but then the client is blocked by the firewall. Try (in Status: System logs: Settings) setting your firewall log to "Log packets matched from the default block rules put in the ruleset" and see if that shows the block in your firewall log. And just to over clarify, it is the FTP server that tells the client what port to use, so you can't control that unless you control the FTP server. -- Steve Yates ITS, Inc. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold