This article describes how to configure Internet Explorer to use both the File Transfer Protocol (FTP) PORT mode and PASV mode.
FTP supports two modes. These modes are called Standard (or Active) and Passive (or "PASV"). The Standard mode FTP client sends PORT
commands to the FTP server. The Passive mode client sends PASV
commands to the FTP Server. These commands are sent over the FTP command channel.
Standard mode FTP clients first establish a connection to TCP port 21 on the FTP server. This connection establishes the FTP command channel. The client sends a PORT
command over the FTP command channel when the FTP client needs to receive data, such as a folder list or file. The PORT
command contains information about on which port the FTP client receives the data. In PORT Mode, the FTP server always sends data from TCP port 20. The FTP server must open a new connection to the client when it sends data.
Passive mode FTP clients also start by establishing a connection to TCP port 21 on the FTP server to create the control channel. When the client sends a PASV
command over the command channel, the FTP server opens an ephemeral port (between 1024 and 5000) and informs the FTP client to request data transfer from that port. The FTP server responds to the request by using the ephemeral port as the source port for data transfer. When this occurs, the FTP server does not need to establish a new inbound connection to the FTP client.
You may need to change the mode that is used by the FTP client, depending on the firewall configuration on either the FTP client or the server. Microsoft Internet Explorer 5 and later support both Standard mode and Passive mode.back to the top How to Change the Internet Explorer FTP Client Mode
To change the Internet Explorer FTP client mode:
- Start Internet Explorer.
- Click Internet Options on the Tools menu.
- Click the Advanced tab.
- Click Enable Folder View for FTP sites.
Internet Explorer is an Active mode FTP client when you select the Enable Folder View for FTP sites
option (no matter what the Use Passive FTP
Internet Explorer can be enabled for a passive mode FTP client when you clear this option.back to the top Troubleshooting
Many firewalls do not accept new connections through an external interface. These connections are detected by the firewall as unsolicited connection attempts and therefore drops the connections. Standard mode FTP clients do not work in this environment because the FTP server must make a new connection request to the FTP client.
Firewall administrators may not want to use PASV FTP servers because the FTP server can open any ephemeral port number. Although Microsoft Internet Information Server (IIS) 4.0 and Microsoft Internet Information Server 5.0 use the default ephemeral port range of 1024 through 5000, many FTP servers are configured with an ephemeral port range of 1024 through 65535. Firewall configurations that allow full access to all ephemeral ports for unsolicited connections may be considered unsecured.
You can configure both IIS 4.0 and IIS 5.0 to allow the ephemeral port range of 1024 through 65535.
For additional information about problems that you may have when you try to connect to TCP ports above 5000, click the article number below to view the article in the Microsoft Knowledge Base:
196271back to the top
Unable to Connect from TCP Ports Above 5000