I’ve been trying to solve this too. I’m running 10.3.7 on my Xserve. Turns out we need to open more than just ports 20 and 21 for FTP to work through the firewall. I won’t go into how passive and active FTP work here, you can dig around for it if you want… Suffice to say, I pieced together a fix* from a slew of various posts.
Here’s what worked for me:
Stop FTP service
Open Terminal
cd into /Library/FTPServer/Configuration
sudo pico ftpaccess
(we need to specify which ports to allow passive ftp)
I added the line:
passive ports xx.xx.xx.xx 51000 51100
(where xx… is the ftp server’s ip address)
Save the file
In Server Admin, go to Firewall Settings Advanced
Make a new rule
(thanks to Scott DeLeury from Apple OS X Server discussions. This rule worked for me. Initially, I found this rule written incorrectly on a few web pages, which caused some hair-pulling here.)
Action – Allow
Protocol – TCP
Service – Other
Source Address – Any
(or create separate rules for each allowed ftp user)
Source Port – Blank
Destination Address
(your ip address that people are accessing ftp from)
Destination Port – 51000 51100
Save the new rule and reload your Firewall.
Start FTP service
*Well, this “pretty much” works for me. I still get the ‘EPSV’ error, but the long lag is now gone and things are pretty snappy. I’ve had a couple users test FTP with different clients, including BBEdit, and a simple Terminal connection. No complaints. Good luck.
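
As an added example (not part of the original post): a Python check that the range on the `passive ports` line in `ftpaccess` and the firewall rule's destination port range agree, since a mismatch either blocks passive data connections or leaves ports open that the server never uses. The sample file contents, the 192.0.2.10 address and the function names are constructed for illustration.

```python
# Constructed sample; 192.0.2.10 stands in for the post's xx.xx.xx.xx.
SAMPLE_FTPACCESS = """\
# constructed ftpaccess excerpt
class all real,guest,anonymous *
passive ports 192.0.2.10 51000 51100
"""


def parse_passive_ports(text):
    """Return [(address_field, low, high)] for each 'passive ports' line."""
    entries = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()  # drop comments, split on blanks
        if [f.lower() for f in fields[:2]] != ["passive", "ports"]:
            continue
        if len(fields) != 5:
            raise ValueError(f"malformed passive ports line: {raw.strip()!r}")
        low, high = int(fields[3]), int(fields[4])
        if not 1 <= low <= high <= 65535:
            raise ValueError(f"invalid port range: {raw.strip()!r}")
        entries.append((fields[2], low, high))
    return entries


def audit(ftpaccess_text, fw_low, fw_high):
    """Compare the configured passive range with one firewall allow range.

    Returns a list of findings; an empty list means both ranges match exactly.
    """
    entries = parse_passive_ports(ftpaccess_text)
    if not entries:
        return ["no passive ports line: data port is not pinned to a range"]
    daemon = set()
    for _addr, low, high in entries:
        daemon.update(range(low, high + 1))
    firewall = set(range(fw_low, fw_high + 1))
    blocked, excess = daemon - firewall, firewall - daemon
    findings = []
    if blocked:
        findings.append(f"{len(blocked)} passive port(s) not allowed by the "
                        f"firewall, e.g. {min(blocked)}")
    if excess:
        findings.append(f"{len(excess)} open port(s) the FTP server never "
                        f"uses, e.g. {min(excess)}")
    return findings


if __name__ == "__main__":
    for label, rng in [("matching", (51000, 51100)), ("too narrow", (51000, 51050))]:
        print(label, audit(SAMPLE_FTPACCESS, *rng) or "OK")
```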