How to enable FTP passive mode on Ubuntu vsftpd server

By default, FTP Connections are in Active mode. However, there is another mode called Passive FTP.

From the server, we need to enable passive FTP If the FTP client uses the passive mode to initiate the FTP connection. In order to configure vsftpd passive mode in Ubuntu 18.04, we must add the following parameters to the /etc/vsftpd.conf file.

pasv_enable=Yes
pasv_min_port=10100
pasv_max_port=10110

Then restart the vsftpd service:

sudo systemctl restart vsftpd

The pasv_enable=Yes directive enables the passive mode for Ubuntu vsftpd server, then we defined a range of ports that will be used for the data connection (you can use any custom port range).

If the Ubuntu server is behind a firewall, you need to open passive port range. Following example shows how to open passive port range from the UFW Ubuntu firewall.

sudo ufw allow from any to any proto tcp port 10100:10110

In an active mode, the FTP client uses a random port to initiate the connection. With passive mode, the client requests the passive connection and requests a random port from the FTP server. Normally The FTP client uses the Passive mode when the client is behind a firewall.

By enabling passive FTP you will also solve the following Filezilla error: Connection timed out after 20 seconds of inactivity, Failed to retrieve directory listing.