About FTP

I had previously only done a simple FTP setup and used it in simple ways, so I did not know much about FTP's file transfer mechanism.

A recent project required exchanging files between the internal and external networks over FTP. The exchange works roughly as follows:

Internal and external network file exchange


Of course, this shows only the internal network accessing the external network; the reverse direction is omitted here and not drawn in the figure. Between the internal and external networks sits a third-party exchange platform, on which the access ports are opened (without an open port there is no communication) and address mapping is configured.

After setting things up this way, access across the internal and external networks got only as far as the FTP user login; after logging in, the file list could not be retrieved and files could not be transferred.


Looking up information on the problem, I found that FTP does not use only port 21 (the default port, which can be changed). Port 21 is just the command port; data transfer needs another port, so opening only port 21 is not enough.

The FTP protocol has two modes: PORT mode and PASV mode, that is, active mode and passive mode.

1. Active mode

The connection process is: the FTP client sends a connection request to the server's port (default 21), the server accepts the connection, and a command link is established. When data needs to be transferred, the client tells the server over the command link with the PORT command: "I have opened port XXXX, connect to me." The server then sends a connection request from its port 20 to the client's port XXXX, establishing a data link to transfer the data.

2. Passive mode

The connection process is: the FTP client sends a connection request to the server's port (default 21), the server accepts the connection, and a command link is established. When data needs to be transferred, the server tells the client over the command link using the PASV command: "I have opened port XXXX, connect to me." The client then sends a connection request to the server's port XXXX, establishing a data link to transfer the data.

As can be seen from the above, the command link is established the same way in both modes, but the data link is established in completely different ways.

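Extension: passive mode arose with the growth of shared network access. For example, a LAN shares one public IP, 190.111.186.202, for Internet access. When an internal LAN user, 192.168.1.120, accesses an external FTP server, it tells the FTP server "I have opened port X, connect to me." Because of the shared Internet access, the FTP server then transmits data to port X on the public IP 190.111.186.202, and the transfer fails.

By default the FTP client works in active mode: the client specifies the data transfer port and the server actively connects to the client.

Active FTP is favorable for managing the FTP server but unfavorable for managing the client, because the FTP server tries to connect to a random high port on the client, and that port is likely to be blocked by the client-side firewall. Passive FTP is favorable for managing the FTP client but unfavorable for managing the server, because the client has to establish two connections to the server, one of them to a random high port, and that port is likely to be blocked by the server-side firewall.

The FTP service provided by IIS also defaults to active mode. This can be done through the client (note: the setting here is made on IIS, not on the FTP site you set up).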

The figure shows the IIS root node selected, not the FTP node. After entering, configure the ports. Restart IIS once the settings are complete.

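Attempted solutions:

First, these are attempted solutions (for carrying out actual testing). In my case I ultimately solved it by modifying some settings of the internal/external network exchange platform. If the ports need to be fixed to specified ones, I personally think it can be solved in two ways:

1. For active mode

In active mode both ports are fixed: the control port (default 21) and the data transfer port (by default the control port minus 1, i.e. port 20). Only these two ports need to be opened. Of course, this approach cannot be used with shared Internet access.

2. For passive mode

Besides the control port (default 21), the data transfer port is not fixed. The software can be configured to restrict passive-mode ports to a few fixed ports, and then those specified ports are opened.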
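
The address and port in a PORT command or a PASV reply travel as six decimal bytes, h1,h2,h3,h4,p1,p2, with port = p1*256 + p2. The following Python check is an added example, not part of the original post: it decodes that field and reports why the data link would fail, covering both the shared-Internet case and the fixed passive port range described above. The function names, the 203.0.113.10 server address and the 50000-50050 port range are assumptions made for the example.

```python
import ipaddress
import re

# Six comma-separated decimal bytes: h1,h2,h3,h4,p1,p2 (RFC 959)
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_hostport(line):
    """Return (ip, port) from a PORT command or a 227 PASV reply."""
    m = _HOSTPORT.search(line)
    if not m:
        raise ValueError("no h1,h2,h3,h4,p1,p2 field in: %r" % line)
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of byte range in: %r" % line)
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]


def check_data_endpoint(line, control_peer, allowed_ports=None):
    """List reasons the advertised data endpoint would fail through NAT/firewall.

    control_peer: address the other side sees on the command link.
    allowed_ports: (low, high) range opened on the firewall, or None.
    """
    ip, port = parse_hostport(line)
    problems = []
    if ip != ipaddress.IPv4Address(control_peer):
        problems.append("advertised %s differs from control-link address %s"
                        % (ip, control_peer))
    if any(ip in net for net in RFC1918):
        problems.append("advertised address %s is private (RFC 1918)" % ip)
    if allowed_ports and not allowed_ports[0] <= port <= allowed_ports[1]:
        problems.append("port %d outside opened range %d-%d"
                        % (port, allowed_ports[0], allowed_ports[1]))
    return problems


# Constructed samples: the LAN client from the text, and a documentation-range server.
SAMPLE_PORT = "PORT 192,168,1,120,195,80"
SAMPLE_PASV = "227 Entering Passive Mode (203,0,113,10,195,149)"

if __name__ == "__main__":
    print(check_data_endpoint(SAMPLE_PORT, "190.111.186.202"))
    print(check_data_endpoint(SAMPLE_PASV, "203.0.113.10", (50000, 50050)))
```

The first call reproduces the active-mode failure behind a shared public IP; the second flags a passive port that the server handed out outside the range opened on the firewall.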


Origin www.cnblogs.com/Jingkunliu/p/12342285.html