Hi guys,

I setup a ftp server (vsftpd) with an unusual port like 2021.
I know when I use port 21, it works like a charm with passive mode but we cannot use it since its already being in use.

I can ftp it locally noproblem using port 2021 but when I am outside my firewall, I can login no problem but I cannot get a list of directories or anything unless I disable passive. how can I resolve this so it will use passive mode?

thanks guys,
jjjj12212

What do your firewall settings look like? Is 2021 open on the firewall? Also keep in mind there are some caveats to setting up FTP that may not go as smoothly as say opening up a port for SSH<22>. Have a look here: http://forums.fedoraforum.org/showthread.php?t=252087 especially the data port error.

There's also this to consider <ripped from a post off LQ :-D >

Q) Help! Can I change the port that vsftpd runs on?

A1) Yes. If you are running vsftpd in standalone mode, use the "listen_port"
directive in vsftpd.conf.

A2) Yes. If you are running vsftpd from an inetd or xinetd program, this
becomes an inetd or xinetd problem. You must change the inetd or xinetd
configuration files (perhaps /etc/inetd.conf or /etc/xinetd.d/vsftpd)

What kind of errors exactly are you seeing?

My firewall setting is Open port 2021 to IP 10.X.X.X
I also did for a test: Open port 2021 then translate it to port 21 to IP 10.x.x.x, same results

vsftpd is on standalone. (listen=YES)
SELinux is disabled.

I can connect to the FTP no problem (ask user/password)
but if I enter any command like ls, it will say : Passive mode (IP,NUMBERS,EXAMPLE)
then it will hang for about 2-5 minutes then say connection timeout.

I will try out the Min_port / max_port and open those on my router tomorrow

good night,
jjjj12212

ok so I setup with this:

listen=YES
listen_port=2021
pasv_min_port=65000
pasv_max_port=65535
#
# This directive enables listening on IPv6 sockets. To listen on IPv4 and IPv6
# sockets, you must run two copies of vsftpd with two configuration files.
# Make sure, that one of the listen options is commented !!
#listen_ipv6=YES

pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
#connect_from_port_20=NO
#ftp_data_port=2020
syslog_enable=YES

my firewall open ports are 2020-2022 and 65000-65535 and still no luck.
I get login, I login no problem. but when I do a command like ls, it says passive bla bla bla and hangs, no results

thanks,
jjjj12212

That's all right, but what does your Firewall do ?
Try stopping it and connect to see if FTP works (mostly it does) then restart FW again and make modifications to allow Passive ports.

good luck

sorry for the delay,

I have done service iptables stop

then got:

iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]

so I tried it again and still the same thing

I'm sorry, but after reading the above, it occured to me that it won't work, because NAT some port to IP with Passive FTP doesn't work. I tried it, people here on forum also tried, but no success unfortunately.
Your FTP server will have to be in DMZ zone or direct on the internet to work.