Active FTP
the active mode FTP is used for the FTP connections between PPS and the machines. This requires that the client (PPS) must be open to data received over the FTP data port. The port range >1024 is used.
The graphic illustrates who establishes the connection and how the data flows.
- Standard
- The FTP client requests something from the server and therefore contacts the Knit-FTP server of the machine (1) on Command Port 21.
- The port (n) is communicated in order to return responses and confirmations to the client (2).
- This Command Port (n) will be opened automatically in the client's firewall.
- Firewall of client open for the ports >1024
-
FTP client request data (1) which will flow via Data Port (n+1) (3).
E.g. file retrievals, directory lists - Request is confirmed via Command Port (n) (2).
- But the firewall of the client does not allow the incoming connection form Data Port 20 because it was not initiated by Data Port (n+1) of the client.
- Because the connection was initiated via Command Port (n), the client's firewall must be open for ports >1024.
- It is sufficient to allow the breakthrough to the client applications only.
You can configure this in firewall. - Defender Firewall of Windows
- If you only use the Defender firewall under Windows, the PPS installation will automatically grant the necessary permissions.
- If you use a third-party software, you have to set the entries manually.
Sicurezza, Rules for incoming TCP and UDP messages of the PPS, which the firewall must not block.