
Can only connect locally, not through the firewall from the outside

Posted: 2019-08-09 15:39
by stevenriz
Hello. Having an issue setting up a new FTP server inside the network but want it accessible from the outside.

The issue we're having is when we try to connect from the outside using FileZilla or any FTP client, we get an error "Failed to retrieve directory listing". From inside the firewall we get the directory listing just fine. Ports we opened were 20 and 21. This issue affects both the FileZilla "server" and the built-in Windows FTP server. So I am guessing there is something in the firewall or client I am just not getting right. I searched a bunch and the only resolution worth looking at was 1) make sure port 20 is open and 2) convert to SFTP and only open port 23.

I'd prefer to use SFTP but can't figure out how to make FileZilla be an SFTP server. Any thoughts there?

Otherwise, we can do TLS on port 21...

What might our issue be?

Thank you!

Re: Can only connect locally, not through the firewall from the outside

Posted: 2019-08-09 23:44
by boco
> I'd prefer to use SFTP but can't figure out how to make FileZilla be an SFTP server. Any thoughts there?
FileZilla Server does not support SFTP at all.
> 2) convert to SFTP and only open port 23.
SFTP uses port 22, not 23.


As to the FTP problem: Who told you that port 20 was even used? Port 20 never has to be forwarded on the server side, as
1. the preferred Passive mode (the one you need to configure your server for) does not touch this port, and
2. even for the old Active mode, the port MAY be used as an outgoing port on the server side. Outgoing ports don't require forwarding.

Your problem is that you are lacking the complete Passive data port range. Data connections (listings and transfers) use ports from this range. After use, ports aren't re-usable immediately (need up to 4 minutes), so the range must be sufficiently large (100 to all available, depending on server traffic).

This is all explained in the Network Configuration Guide. Essentials:

0. Read the guide, Passive section.
1. Define the Custom port range in the Passive settings of FileZilla Server.
2. Tell FileZilla Server your IPv4, or tell the Server how to fetch the IPv4 by itself.
3. Forward the custom port range in your router and firewall, in addition to port 21.
4. Use the https://ftptest.net site for any testing, it rules out potentially faulty clients.

Note: For Active mode, data ports must be configured at the client, not the server.
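
The checks behind steps 1 to 3 above, as an added example that is not part of the original thread: it parses the server's 227 reply to PASV (shown in the FTP client's message log) and reports an internal address or a data port outside the forwarded range. The range 50000-50100 and the sample replies are constructed assumptions.

```python
import ipaddress
import re

# Host/port tuple of a 227 reply (RFC 959): h1,h2,h3,h4,p1,p2
PASV_RE = re.compile(r"\b227 .*?" + ",".join([r"(\d{1,3})"] * 6))

# Addresses an outside client cannot reach (RFC 1918, loopback, link-local).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

def parse_pasv(reply):
    """Return (IPv4Address, port) advertised in a 227 reply."""
    m = PASV_RE.search(reply)
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in: %r" % reply)
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]  # data port = p1 * 256 + p2

def diagnose(reply, forwarded_range):
    """List reasons an outside client cannot open the data connection."""
    ip, port = parse_pasv(reply)
    low, high = forwarded_range
    problems = []
    if any(ip in net for net in INTERNAL_NETS):
        problems.append("internal address %s advertised (step 2)" % ip)
    if not low <= port <= high:
        problems.append("data port %d outside forwarded range %d-%d (steps 1, 3)"
                        % (port, low, high))
    return problems

if __name__ == "__main__":
    FORWARDED = (50000, 50100)  # assumed range, set in server and firewall
    samples = [  # constructed replies, not captured from a real server
        "227 Entering Passive Mode (192,168,1,50,195,80)",
        "Response: 227 Entering Passive Mode (203,0,113,10,234,96)",
        "227 Entering Passive Mode (203,0,113,10,195,100)",
    ]
    for line in samples:
        print(line, "->", diagnose(line, FORWARDED) or "OK")
```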

Re: Can only connect locally, not through the firewall from the outside

Posted: 2019-08-19 14:39
by stevenriz
Sorry, been on vacation! Ahhh I see now why those ports are needed. I will make the changes and presumably it will work! Thanks for the reply.

Steve