HOWTO: Using BulletProof FTP Server when the hosted computer is protected by a Network Firewall/NAT.
BulletProof FTP Server fully supports network environments where the computer running the software is behind a network Firewall/NAT.
- Table of Contents
- 1.0 Introduction
- 1.1 Overview
- 1.2 Requirements
- 1.3 Background
- 2.0 FTP Control/Data Connections
- 2.1 Control Connections
- 2.2 Data Connections
- 2.3 How they are used
- 2.4 PORT vs PASV
- 3.0 Setting up BulletProof FTP Server
The file-transfer provided by FTP copies a complete file from one system to another (SERVER to CLIENT, CLIENT to SERVER). In this transfer a computer running BulletProof FTP Server (http://www.bpftpserver.com) is called the SERVER or HOST and a person connecting to the SERVER is called a CLIENT. A CLIENT is a piece of software which adheres to the Internet FTP standard (RFC-959), such as our specially designed BulletProof FTP Client (http://www.bpftp.com) or even your favorite web-browser (Firefox, Internet Explorer, etc).
1.2 Requirements
To configure BulletProof FTP Server correctly you must have the following information and access:
- Administrative access to the computer running the software (Windows Administrative Privileges)
- Administrative access to the network Firewall/NAT appliance (Linksys, Netgear, Cisco, etc)
- BulletProof FTP Server (http://www.bpftpserver.com) installed and running on the intended computer
1.3 Background
The File-Transfer-Protocol (FTP) was designed way back in 1985 to facilitate early file transfers on the Internet. This robust and elegant protocol allows files to be transferred from server-to-client and client-to-server. However, being over 20 years old, this protocol isn't without its downside; its Firewall/NAT traversal is highly confusing and can be pretty technical. Not to fear! With a bit of terminology and some guidance, this "HOW-TO" can help you set up BulletProof FTP Server in no time!
2.0 FTP Control/Data Connections
When setting up a SERVER, it is important to understand that there are two types of connections made, control-connections and data-connections.
2.1 Control Connections
The control-connection is established in the typical client-server fashion: the SERVER creates a listening socket on the well-known port for FTP (TCP/21) and waits for the CLIENT to make a connection. This default TCP/IP connection on port 21 (shorthand TCP/21) can be changed to any value you wish. Often, this port is changed to help "hide" the FTP service from would-be hackers or malicious software (viruses, worms, etc). This control-connection remains open during the entire time that the CLIENT communicates with the SERVER. This connection is used for commands from the CLIENT to the SERVER and for the SERVER's replies.
2.2 Data Connections
The data-connection is created each time a file or data is transferred between the CLIENT and SERVER. FTP uses this data-connection in three different ways:
- Sending a file from the CLIENT to the SERVER
- Sending a file from the SERVER to the CLIENT
- Sending a directory-listing from the SERVER to the CLIENT
2.3 How they are used
When a CLIENT (such as BulletProof FTP Client) requests a directory-listing from the SERVER (BulletProof FTP Server), the command (LIST) is sent across the control-connection and a data-connection is made to transfer the directory-listing. This avoids any potential limitations that might restrict the size of a directory-listing and makes it easier for the client to save the output and display it in an easy to use point-click interface. During this transfer, the control-connection remains idle while the data-connection is in use.
2.4 PORT vs PASV
The creation of the data-connection is dictated by the CLIENT upon issuing of an FTP command (get a file, put a file or obtain a directory-listing). Unfortunately, this is when FTP becomes difficult for most people:
- In the default mode, called port-mode (PORT-mode), the CLIENT issues the command and then begins to listen on a random TCP/IP port for the SERVER to connect and establish the data-connection. Although this mode is effective, it requires the person running the CLIENT to understand how to secure and properly open their network's Firewall/NAT to allow this incoming connection.
- Optionally, the CLIENT can request data-connections to operate in passive-mode (PASV-mode). Thankfully, this mode asks the SERVER to make the listening TCP/IP port for the CLIENT to connect and establish the data-connection.
3.0 Setting BulletProof FTP Server to operate in Passive-Mode (PASV-mode)
Setting up BulletProof FTP Server to operate in Passive-Mode (PASV-mode) is very easy; however, you will need to break out the manual for your Firewall/NAT (Linksys, Netgear, Cisco, etc) appliance in order to allow the specified incoming TCP/IP connections.
3.1 BPFTP Server PASV Setup
Step 1: Start BulletProof FTP Server from the Windows Start-Menu and make sure you can clearly see its main user-interface. If you do not have BulletProof FTP Server installed on your computer, you can download a fully functional trial version from our website (http://www.bpftpserver.com).
Step 2: From BulletProof FTP Server's main user-interface, pull-down and select Select -> Main -> General.
Step 3: On the left-hand side, click on the TreeView menu-option Multi IP Settings -> Passive Mode.
Step 4: On the right-hand side, check the box labeled Use passive mode IP and then select Fixed IP or Dynamic IP:
- Fixed IP: If your Internet connection gives you a Static IP, enter the real-world IP address for your network connection. To find your real-world IP address, use the BulletProof IP Watcher from the Windows Start-Menu.
- Dynamic IP: If your Internet connection obtains its IP address via DHCP, we recommend that you use a DDNS service like DynDns.org and use the assigned hostname.
Step 5: On the right-hand side, enter the Passive Port Range. The values entered in this range will be used when communicating with the CLIENT just before establishing the data-connection. You should enter a range big enough to accommodate the number of concurrent connections you are anticipating for the server. I typically use the range of 6900 to 6909, as this would allow for 10 concurrent data-connections, but you can use any values you wish.
Step 6: Click OK to save your changes and BulletProof FTP Server is now set up to allow PASV-mode connections!
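To confirm that the Step 4 and Step 5 settings took effect, you can inspect the reply the SERVER sends to a PASV command from outside your network. The following Python check is an added example, not part of BulletProof FTP Server or the original HOWTO: it parses the RFC 959 reply `227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)` and reports whether the advertised address is still an internal one or the port falls outside the range you forwarded. The function names, the sample replies and the public address 203.0.113.10 are assumptions made for illustration; the 6900 to 6909 range is the one from Step 5.

```python
import ipaddress
import re

# A PASV reply carries six comma-separated numbers (RFC 959):
# "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)"
_PASV_RE = re.compile(r"^227\b.*?" + ",".join([r"(\d{1,3})"] * 6))

# RFC 1918 and loopback ranges: unreachable for a CLIENT outside the NAT.
_INTERNAL = [ipaddress.ip_network(n) for n in
             ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def parse_pasv_reply(line):
    """Return (ip, port) advertised in a 227 reply, or raise ValueError."""
    m = _PASV_RE.match(line.strip())
    if not m:
        raise ValueError("not a 227 PASV reply: %r" % line)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("number out of range in PASV reply")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]  # p1 is the high byte, p2 the low byte
    return ip, port

def check_pasv_reply(line, public_ip, port_range=(6900, 6909)):
    """List the problems with a PASV reply as seen from outside the NAT."""
    ip, port = parse_pasv_reply(line)
    problems = []
    if any(ip in net for net in _INTERNAL):
        problems.append("server advertises internal address %s" % ip)
    elif ip != ipaddress.IPv4Address(public_ip):
        problems.append("advertised %s, expected %s" % (ip, public_ip))
    low, high = port_range
    if not low <= port <= high:
        problems.append("port %d outside forwarded range %d-%d" % (port, low, high))
    return problems

# Constructed sample replies; 203.0.113.10 is a documentation address (RFC 5737).
SAMPLES = [
    "227 Entering Passive Mode (203,0,113,10,26,244)",  # correct: port 6900
    "227 Entering Passive Mode (192,168,1,20,26,250)",  # passive mode IP not set
    "227 Entering Passive Mode (203,0,113,10,195,80)",  # port range not applied
]

if __name__ == "__main__":
    for reply in SAMPLES:
        print(reply, "->", check_pasv_reply(reply, "203.0.113.10") or "OK")
```

An internal address in the reply means the passive mode IP from Step 4 is not being used; a port outside the range means the Firewall/NAT forwarding rule and the Step 5 range do not match.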