Q. I have installed ProFTPD ftp server but some of my clients cannot be connected to my site since they are behind a proxy or firewall. What can I do about it?
A. passive ftp connections are very common when set behind a proxy or firewall. In a passive ftp connection, the client sends the PASV command to the server and is the server who selects a port at random and sends it to the client. We must configure directive PassivePorts in ProFTPD.
Steps
Open the ProFTPD configuration file
vim /etc/proftpd.conf
Add the directive
PassivePorts 62000 64000
Save changes in VIM
Esc :x
Restart ProFTPD
# service restart proftpd
Then we add the following rule to our Firewall (iptables)
# iptables -A INPUT -p TCP -s 0/0 --destination-port 62000:64000 -j ACCEPT