Table of Contents
The File Transfer Protocol (FTP) is a communication protocol we use to transfer files between a server and a client. If you are looking to port forward File Transfer Protocol this comprehensive guide can help you.
Port forwarding is used to allow remote access to a computer or device that is behind a firewall. When port forwarding is properly configured, the firewall will know to allow incoming traffic on the specified port and forward it to the correct computer or device on the network.
Understanding FTP and Port Requirements
FTP uses two channels:
- Command (Control) Channel: Always uses TCP port 21.
- Data Channel: Depends on mode, port 20 (active) or random high-range ports (typically 1024–65535) for passive mode.
Active Mode: Server initiates data connection back to the client after receiving a PORT command, making client firewalls problematic.
Passive Mode: Client opens both control and data connections (via a port chosen by server), making it firewall/NAT friendly but requiring the server firewall to allow a broader range of incoming ports.
Why You Need to Port Forward FTP
Without correct port forwarding:
- Port 21 connects, but failed data channel means file transfers do not complete.
- Active mode causes server callbacks that your NAT blocks.
- Passive mode fails if your server doesn’t allow the negotiated port range.
Correct forwarding ensures both channels work reliably even through NAT/firewalls.
Ports to Forward for FTP
| FTP Mode | Port(s) to Forward | Notes |
|---|---|---|
| Control | TCP 21 | Required for all connections |
| Active | TCP 20 | Server to client connection |
| Passive | TCP range e.g. 50000–51100 (configurable) | Server listens on these for data |
Many modern configurations opt for passive mode, forwarding port 21 plus a defined high-range port block.
Requirements to Port Forward FTP Protocol
Just before you begin with the process of port forwarding, make sure you have the following things:
- Downloaded and installed the Ftp Protocol server.
- The IP address of your router.
- IP address of your device.
TCP and UDP ports of Ftp Protocol are mentioned in the section below.
Step-by-step guide on how to port forward Ftp Protocol
Now that you have the above details noted down, you can move to the next stage of Ftp Protocol port forwarding:
- On your web browser address bar, type your router’s IP Address/Default Gateway.
- Log in with your router’s credentials (username and password) to view your router’s firmware settings.
- Navigate to the port forwarding section of your router.
- Click on Port Forwarding.
- Enter the IP address of your device in your router in the correct box.
- Put the TCP and UDP ports of the Ftp Protocol server in the boxes in your router. The default Ftp Protocol port number is 989. And then click the apply button.
- And you’re done. Restart your router to let the changes take effect.
- Once your changes take effect, now you can host an Ftp Protocol server and let your friends connect to it as well. To let them connect to it, you need to provide them the hostname you are using, along with the port number. For example, ‘hostname.domain.com:25565’.
FTP Protocol ports needed to run
To access Ftp Protocol online and create a server without any interruptions, you’ll have to allow access to certain ports on your firewall. The default Ftp Protocol ports are:
| TCP Port: | 989 |
Ports to forward on devices
Ports to run on PC:
| TCP Port: | 989 |
How to open ports behind CGNAT
What if your ISP performs CGNAT? Most ISPs perform CGNAT (Carrier-grade Network Address Translation) to conserve bandwidth and assign a single IP address to multiple users connected to the same internet network. However, CGNAT makes it difficult for you to open ports on the router.
To get around the CGNAT issue, you can use the Port Forwarding add-on to bypass this problem and port forward routers without hassle.
Here’s more information on how to use PureVPN’s Port Forwarding add-on and bypass CGNAT in a few clicks.
PureVPN’s Port Forwarding Add-on
A secure way to open all ports
To most people, port forwarding is quite a demanding task. For starters, every router has a different console, which often makes it difficult to navigate to specific settings.
Secondly, you won’t always be able to open Ftp Protocol Online ports on your router if your ISP restricts the ports. Yes, you heard that right! ISPs are notorious for blocking ports due to security reasons. If ISP isn’t the reason behind a blocked port, then perhaps it could be your operating system’s firewall.
Well, you can eliminate all these problems with PureVPN’s Port Forwarding add-on. Through the Port Forwarding add-on, you can allow all ports, disallow all ports, and allow specific ports.
Frequently Asked Questions
Forward TCP port 21 for control connections and either TCP port 20 (active mode) or a defined high-range TCP port block (e.g., 50000–51100 for passive mode) to your FTP server’s static internal IP. In your router’s port forwarding settings, map these external ports to the same internal ports. Configure your FTP server to use the same passive range, enable passive-only mode, and test access from outside your network.
NAT firewalls slow down your internet connection, but VPN port forwarding can get around that. It’s useful for several reasons which include increasing your download speed, accessing your computer when you’re away from home, and establishing a direct connection with a server.
To use port forwarding, you must first set a static internal IP address (ipv4) for your device. By default your device ipv4 address is automatically dynamic instead of static, meaning it constantly changes and port forwarding won’t be able to identify your device within your home network.
