|Between the client and the proxy
||When the FTP client sends a request to the server, the proxy will first intercept the request in order to analyze it. From the FTP “client”’s point of view, the proxy corresponds to the server. This option allows defining the authorized transfer mode:
- If Active only is specified, the FTP client will determine the connection port to use for transferring data. The FTP server will then initialize the connection from its data port (port 20) to the port specified by the client.
- If Passive only is specified, the FTP server will determine the connection port to use for transferring data (data connection) and will transmit it to the client.
- If Active and passive is specified, the FTP client will be able to choose between both transfer modes when configuring the firewall.
|Between the proxy and the server
||When the proxy has finished scanning the client request, it will transfer it to the FTP server, which will then interpret the proxy as the FTP client. Since the proxy has an intermediary role, it is transparent.
The authorized transfer modes are the same as for the previous option.