SecureBlackbox 16: Why doesn't passive mode work in TElSimpleFTPSServer?

Note: This article applies only to SecureBlackbox Legacy. For future development please consider using the latest version.

Passive mode means that the server opens a secondary socket on the port of its choice and passes the address and port to the client. When the server is behind the firewall, several erroneous situations can happen:

  1. The server identifies its address incorrectly (the address of the local IP is identified). Some clients can work around this problem, but not all. Also, for FTP (not FTPS), some firewalls monitor FTP traffic and substitute the address and port values.
  2. The port that the server has chosen is blocked by the firewall. You need to open the range of ports or all ports on the firewall and configure the server accordingly.

We appreciate your feedback.  If you have any questions, comments, or suggestions about this article please contact our support team at