Topic "Passive mode Ip address"

Author Message


When using passive mode the return ip address from the server can be a NAT address which cannot be accessed by clients on the the other side of the firewall. A suggestion is an option to use the address on which the client initiates the connection instead of the address returned by the PASV command (obviously retain the port).

For example a connection to a server may return 192,168,0,5,3,224 - the external address of the server will definitely not be in the 192.168.0 range if the connection is over the Internet. If an option is set to use the outgoing address for the PASV connection the 192,168,0,5 would be ignored and the original outbound address used.

We picked up a problem that Filezilla was able to circumvent and I suspect that this is how they did it.
[View user's profile]
Site Admin
Joined: 2002-12-10
Posts: 26890
Location: Prague, Czechia
Thanks for your post. This issue is being tracked already.
Martin Prikryl

You can post new topics in this forum


What is WinSCP?

It is award-winning SFTP client, SCP client, FTPS client and FTP client integrated into one software program for file transfer to FTP server or secure SFTP server. [More]

And it's free!


About donations

$9   $19   $49   $99

About donations


WinSCP Privacy Policy

WinSCP License