Q. I have installed ProFTPD ftp server but some of my clients cannot be connected to my site since they are behind a proxy or firewall. What can I do about it?
A. passive ftp connections are very common when set behind a proxy or firewall. In a passive ftp connection, the client sends the PASV command to the server and is the server who selects a port at random and sends it to the client. We must configure directive PassivePorts in ProFTPD.
Open the ProFTPD configuration file
Add the directive
PassivePorts 62000 64000
Save changes in VIM
# service restart proftpd
Then we add the following rule to our Firewall (iptables)
# iptables -A INPUT -p TCP -s 0/0 --destination-port 62000:64000 -j ACCEPT