Internet, Networking, & Security > Home Networking 47 47 people found this article helpful What Is PASV FTP (Passive FTP)? No more firewall issues By Bradley Mitchell Bradley Mitchell Writer Massachusetts Institute of Technology University of Illinois An MIT graduate who brings years of technical experience to articles on SEO, computers, and wireless networking. lifewire's editorial guidelines Updated on July 3, 2021 Tweet Share Email Tweet Share Email Home Networking The Wireless Connection Routers & Firewalls Network Hubs ISP Broadband Ethernet Installing & Upgrading Wi-Fi & Wireless PASV FTP, also called passive FTP, is an alternative mode for establishing File Transfer Protocol (FTP) connections. In short, it solves the problem of an FTP client's firewall blocking incoming connections. "PASV" is the name of the command that the FTP client uses to explain to the server that it's in passive mode. Passive FTP is a preferred FTP mode for FTP clients behind a firewall and is often used for web-based FTP clients and computers connecting to an FTP server within a corporate network. Westend61 / Getty Images How PASV FTP Works FTP works over two ports: one for moving data between the servers and another for issuing commands. Passive mode works by allowing the FTP client to initiate sending of both control and data messages. Ordinarily, it's the FTP server that initiates the data requests, but this kind of setup might not work if the client firewall has blocked the port that the server wants to use. It's for this reason that PASV mode makes FTP "firewall-friendly." In other words, the client is the one opening the data port and the command port in passive mode, so given that the firewall on the server side is open to accepting these ports, data can flow between both. This configuration is ideal since the server has most likely opened the necessary ports for the client to communicate with the server. Most FTP clients, including web browsers like the now-defunct Internet Explorer, support a PASV FTP option. However, configuring PASV doesn't guarantee that PASV mode will work since FTP servers can choose to deny PASV mode connections. Some network administrators disable PASV mode on FTP servers because of the additional security risks PASV entails. FAQ What is the difference between active and passive FTP? In active FTP mode, the client sends the PORT command, then the server connects to the appropriate client-side port. In passive FTP mode, the client requests an open port from the server and then connects to it. What is an FTP bounce attack? In an FTP bounce attack, the PORT command is used to indirectly access ports on a server through a web proxy, allowing you to connect with ports you otherwise wouldn't be able to access. Most FTP servers block FTP bounce attacks by default. Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit