Problem to connect ftp with 1990 port - USG Flex 100

Options
Gru_Ma
Gru_Ma Posts: 15  Freshman Member
First Comment Friend Collector First Anniversary
in Security

Hello

i'm try to connect an ftp server with port 1990 but not works. It works with statandard port and works if i connect form other lan not connect to firewall

I not set any limitations form lan to wan

Thanks

All Replies

  • Zyxel_James
    Zyxel_James Posts: 788  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers

    Could you please clarify your scenario in more detail? please also explain your network topology, thanks.
    So it works with port 21 when the traffic is not passing through firewall. then why you want to access by port 1990 to a FTP server?

  • Gru_Ma
    Gru_Ma Posts: 15  Freshman Member
    First Comment Friend Collector First Anniversary

    Hello

    Thanks for your reply.

    If i try to access  with port 21 when the traffic is passing through firewall it works

    If i try to access  with port 1990 when the traffic is passing through firewall it not works

    If i try to access  with port 1990 when the traffic is not passing through firewall it works

    Thanks

  • PeterUK
    PeterUK Posts: 3,881  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited May 19

    Does the FTP server support both Active and Passive?

    If Passive only you will need to allow outgoing for TCP ports other then 1990 or allow rule for the IP of server

    If Active only you will need to allow incoming for TCP ports or allow rule for the IP of server

    with port 21 ALG takes care of FTP

  • Gru_Ma
    Gru_Ma Posts: 15  Freshman Member
    First Comment Friend Collector First Anniversary

    Hello

    i had set a new policy

    Screenshot 2025-05-19 112914.png

    But not works

    Thanks

  • Gru_Ma
    Gru_Ma Posts: 15  Freshman Member
    First Comment Friend Collector First Anniversary

    I'm try to connect from my lan to external ftp server

  • PeterUK
    PeterUK Posts: 3,881  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    edited May 19

    Due to how FTP works in Passive mode you have the control port 1990 and a range of DATA ports all of which is outgoing LAN to WAN

    In FTP Active mode you have the control port 1990 which is outgoing and DATA port incoming WAN to LAN.

    Try with a IP or FQDN

  • PeterUK
    PeterUK Posts: 3,881  Guru Member
    100 Answers 2500 Comments Friend Collector Seventh Anniversary
    Screenshot 2025-05-19 151301.png

    Not tried it but if you put 1990 in additional FTP signaling port that should work

  • Gru_Ma
    Gru_Ma Posts: 15  Freshman Member
    First Comment Friend Collector First Anniversary

    https://community.zyxel.com/en/discussion/comment/77530#Comment_77530

    Hello

    i have already tryed but not works. Thanks

  • Zyxel_James
    Zyxel_James Posts: 788  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers

    I also would like to know the FTP mode is active or passive, and what's the data port and command port.
    Or you can simply have a test to determine if the security policies are the reason the FTP access get blocked, that is, disable Policy Control.
    Moreover, Is your USG FLEX 100 behind NAT?

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)