If you intend to run an internet facing FTP server you have 2 options for FTP, active or passive. The easiest option for an FTP server administrator is the active mode. In active mode the client makes a connection to the server on port 21. The server then makes an outbound connection on port 20 to the client on a random port (>1023) for data transfer. So for the FTP server administrator the only port redirection required is port 21, and firewall access required is port 21 inbound and 20 outbound. While this is great for the FTP Server admin your clients will most likely fail to achieve any data transfer. This is because most clients will have some form of firewall in place which will prevent the server from making the connection to the random port. Read more about How to run a PASSIVE FTP server on Windows Server with a Cisco Router …