Need help with ftp server port [Solved]

First off, I have to say I am very impressed with your product. I just installed this today and am already liking it.

The problem I am having is getting my ftp server running through the firewall with the port set at 3669.

I have created a new rule as follows:
Action : Allow
protocol : TCP
Direction : In
Source ip : any
destination ip : any
source port : any
destination port : 3669

I have also opened up the ports for pasv mode.

My ftp server can’t be accessed by anyone else…am I missing something?

You’re assistance will be much appreciated.

G’day sszymczak,

Firstly, welcome to the forums.

Your FTP inbound rule looks OK.

Can we assume that your routers firewall isn’t blocking this port?
Can any other PC on the same lan ping to that port?

Ewen :slight_smile:

hmm… your router should be the problem, since your service provider normally does not block ports. try to access your router and foward the port 3669. As I’m not sure of your router, you will need to search on the internet on how to access your router’s settings if you don’t know how to do so.

My router was the one blocking my ftp server (Running Filezilla here), after fowarding the port, and opening up a port in windows firewall, everythings O.K. I’m using port 8080 as my main connection, but I set my server to listen in on 5900, 21, 80, 8080, 21, 22. All of them work with port fowarding.

If nothing works, you might want to consider switching your server back to the default port which should be port 21, or 22 for sftp.

Thank you for your responses.
I am directly connected to the internet through my cable modem, I’m not on a router.
The server worked fine with a different firewall, but I am liking cpf so much that I am determined to get it working.

I have created and deleted the rule several times, all with the same result.

Yes the Block rule is important as it blocks all unwanted traffic.
What i can gather from reading these forums is, incoming traffic is tested against each rule in turn looking for access finally reaching the last rule, your BLOCK rule and denied access. Moving the rule you made for your FTP server above the BLOCK rule allows access.

I reinstalled the firewall and tried it all again and it is working perfectly.

Thanks again for everyone’s help and for a fantastic product!!! (:CLP)

The settings didn’t work for me. I’m using Guildftp server and accessing it using Core FTP LE

On the server computer, my settings are:
Action : Allow
protocol : TCP
Direction : In
Source ip : any
destination ip : any
source port : any
destination port : 21

I did log in successfully, but i wasn’t able to retrieve the directory. The problem is solved if the destination port is set to ANY. But i’m not sure if this secure. This rule is placed just above the default block rule. I checked the log file from Core FTP (which i have attached), it seems like it is using quite a few (Random?) ports. If this is the case, must i set destination to ANY?

Thank you

[attachment deleted by admin]

It seems your problem is with Passive FTP port range. You have to check what port ranges are used for Passive FTP and allow them in the Network Monitor (as well as the Application Monitor).

For more info on Passive FTP, pls refer to the below excellent article:
“Active FTP vs. Passive FTP, a Definitive Explanation” Active FTP vs. Passive FTP, a Definitive Explanation

Hope this solves your problem…

This is from the website:
"Active FTP :
command : client >1023 → server 21
data : client >1023 ← server 20

Passive FTP :
command : client >1023 → server 21
data : client >1023 → server >1023"

It seems like all ports > 21 must be open in the Source and Destination tabs for both protocols to work.

If you configured your FTP Server software to work only using Active FTP, then you only have to open port 21 for incoming connections. On the client side however, you will have problems and you’ll need to open ports > 1023. Sometimes, this is not practical due to corporate firewalls++

If you configured your FTP Server software to support Passive FTP (recommended), then check with your FTP Server software for the passive port range. Usually, this is configurable and you need only to open this port range for the incoming connections for the FTP Server. Here, the client doesn’t need to open any incoming port (compatible with most clients).

BTW, I’m using a great free FTP Server:, however, it misses advanced statistics.