Table of Contents
Advertisement
passive-port-min
Sets the lowest port value for the passive port range.
Syntax
passive-port-min port
Parameters
port
Guidelines
The passive-port-min command sets the lowest port value for the passive port
range. This value must be less than the value set by the passive-port-max
command.
This command is relevant when allowing or requiring the use of passive mode and
when limiting port usage to a specific range. In other words, this command is
relevant when both of the following conditions are met:
v The value of the passive command is any keyword except disallow.
v The value of the passive-port-range command is the keyword on.
Related Commands
passive, passive-port-max, passive-port-range
passive-port-range
Controls whether to limit the port range for passive connections.
Syntax
passive-port-range {on | off}
Parameters
on
off
Guidelines
The passive-port-range controls whether to use a limited, TCP port range for
passive connections. This command is useful when a firewall or proxy server want
to allow incoming FTP data connections for a limited port range only. This
behavior is common with the FTP server that cannot use a packet analyzer
(sometimes known as a packet sniffer) on the control connection.
The range limits the maximum number of FTP clients that can be in the state
between when the FTP server issues a 227 ("Entering Passive Mode") in response
to the PASV or EPSV command from the FTP client and when the FTP client must
establish a TCP data connection to the listening port and issue a data transfer
command. To control the pressure on this limited resource, use the
passive-idle-timeout command to adjust the idle timeout value for passive data
connections.
306
Command Reference
Specify the lower end of the passive port range. Use an integer in the
range of 1024 through 65534. The default is 1024.
Enables the use of a limited port range.
(Default) Disables the use of a limited port range.
Advertisement
Table of Contents
