Supported Connection Profiles and Ports

Files.com supports both implicit and explicit security along with active and passive mode connections, using well-known ports to infer the exact connection profile.

Choosing a Connection Profile

The recommended default is to use Explicit FTPS (FTPeS) on port 21 (or 3021 if 21 is blocked). 3021 is provided as an alternate port when your security team will not permit traffic on port 21.

Only when the FTP client requires it, use Implicit FTPS on port 990 (or 3990). 3990 is provided as an alternate port when your security team will not permit traffic on port 990.

As a last resort, and only when no other option is available, connect with unencrypted FTP on port 21 (or 3021 if 21 is blocked). Because this is not recommended, it is disabled by default.

Command Channel Ports

The command channel of FTP is used for sending login information and commands.

• FTPS (implicit FTP over TLS) on ports 990 and 3990
• FTPeS (explicit FTP over TLS) on ports 21 and 3021
• Plain, insecure FTP on port 21 and 3021 (disabled by default, but can be enabled if your business needs require it).

Data Channel Ports

The data channel of FTP is used for transferring files.

Passive data ports (Files.com): 40000–50000.

In active mode, Files.com will attempt to connect back to the FTP client using the random data port that the FTP client specified. This requires you to configure inbound firewall rules from Files.com to your FTP client.

In passive (PASV) mode, your FTP client will attempt to connect to Files.com on a random port between 40000 and 50000. This requires you to configure outbound firewall rules from your FTP client to Files.com.