I stand corrected. And on closer reading of Charles' post, I see that he was referring to opening ports on the ftp server side. -- Aaron Sterr - Infrastructure Engineer On Thu, 13 Jan 2005, Alexander Dalloz wrote: > Am Do, den 13.01.2005 schrieb Aaron.Sterr um 0:42: > > > Passive FTP does NOT use the local ephemeral ports, that is traditional > > FTP behavior. Passive FTP uses the existing TCP connection for both > > the control and data channels, and is easier to firewall. > > > > Of course, the ftp server needs to know how to use passive FTP instead of > > traditiional FTP. > > Where do you have this "knowledge" from? > > http://slacksite.com/other/ftp.html illustrates well how active and > passive ftp work. > > Alexander > > >