Security

You need to remember how FTP works. It has 2 modes, passive and normal.

Passive FTP, the client will initiate a connection from <=1024 to tcp 21. The client will also tell the server which port it is listening on

Then the server will make a connection from a port <=1024 to the port above 1024 the client machine is listening on.

With normal FTP it is basically the same. Except that the return connection from the server to the client will come from port 20 instead of over 1024.

So the first place I would look is to see how the firewall is set up. Then I would look on the client side and check to see what mode it is trying.

If you are using IE, it will by default try to use passive ftp.

I prefer normal ftp, because at least I can control the incoming source port instead od saying any new connections from anything over 1024 allow.

Who created config for your router? Do you have that person available? Possibly cause may be in big number of connections, pourly configured IOS firewall or IOS IDS, etc. You may send me your router config to have more detailed analysis (sure, delete all passwrd information and public IP addresses if any).

This question was auto closed due to inactivity