FTP Troubleshooting: Applying a Methodology

Tony Fortunato explains how he uncovered why an FTP server wasn't working properly.

Tony Fortunato

May 15, 2017

3 Min Read
Network Computing logo

During one of my onsite training sessions, a student  asked if I could look into a problem his company was trying to troubleshoot: After the  FTP server was upgraded, an application wasn’t working anymore. They were stumped when they tested both FTP active and passive connections with a FTP client, which worked. They were basically having issues trying to reproduce the problem.

In this article, I will demonstrate that you don’t need to know all the nitty-gritty details of a protocol or application (FTP in this case) when you approach an issue. A sound and consistent methodology should get you to a point where you may not know what the root cause is, but you should have an idea what to research next.

In this case, I confirmed that the problem or error was consistently happening before starting with a packet capture of the reported problem. After capturing the application "hanging," we reviewed our trace and it was obvious what happened.




  • In frame 14 the client sends the FTP Port command.

  • In frame 15 the server responds with 502 ‘PORT’ command not implemented.

  • In frame 18 you can see the server sending a TCP RST (reset) frame back to the client shutting down the TCP connection.

Note that the PORT command is used by an FTP client to establish a secondary connection (address and port) for data to travel over. The first four numbers identify the client’s IP address and the next two values are used in a formula to identify the TCP port number for data. The formula is the first number multiplied by 256, then add the second value. In this example the data port will be over TCP port number 51068.

Now that we can clearly see that the port error message is causing the application to hang, I asked what they did next. They used FileZilla FTP client to test passive and active modes to see if either work, but said neither worked. They suggested we test again using FileZilla and perform a capture so we can try to figure out why both failed. For an initial test, I always use the software default settings. In this case, FileZilla’s default transfer mode is just "Default." Odd since Active and Passive are the other two options.




In our test, FileZilla worked, and  our trace showed why: FileZilla used passive mode as its default, or possibly tried passive first. You can see in the trace below that the PASV request was sent by the client and the server accepted in frame 25.




We changed the transfer setting to active, expecting this next test to fail since active will send a port command. Just as before, it worked as well. We reviewed the trace and were caught off guard with what FileZilla did.




You can see in frames 25 and 26 where FileZilla unsuccessfully tried the port command for an active connection. After that failed, FileZilla successfully requested a passive connection in frames 27/28. Even though we manually selected Active, FileZilla automatically went to passive. Now we know why FileZilla worked with default, active, and passive modes.

The group asked me how we can test a FTP session in active mode and I suggested using Internet Explorer. We then ran a test to see Internet Explorer's default settings.




As you can see, Internet Explorer used passive mode. You can change this setting in Internet Options.




We unchecked the Passive FTP box and tried again.




As you can see above, Internet Explorer tried the Port command unsuccessfully and then failed. It did not try a passive connection like FileZilla did previously.

We were able to prove and document that the upgraded FTP server did not support active sessions or specifically, the port command. We passed our findings on to the application/server group, which investigated and asked us to test again, and our active test worked just fine. We then tested the application and it worked flawlessly.

About the Author(s)

Tony Fortunato

Sr Network Performance Specialist

Tony Fortunato is a network performance expert who has been designing, implementing and troubleshooting networks since 1989. His company, The Technology Firm, provides clients of all sizes with services ranging from project management, network design, consulting, troubleshooting, designing custom-designed training courses, and assisting with equipment installation. Tony's experience in networking started with financial trading floor networks and ISPs, where he learned to integrate and support equipment from various vendors. Tony has taught and presented at numerous colleges and universities, public forums and private classes. He blogs frequently at NetworkDataPediaand has a popular YouTube channel.

Stay informed! Sign up to get expert advice and insight delivered direct to your inbox

You May Also Like

More Insights