The firewall blocks passive mode FTP transfers.
To fix this error you need to:
Find: PassivePortRange in /etc/pureftpd.conf
Remove the # and add this to the line: PassivePortRange 30000 35000
See TCP_IN in /etc/csf/csf.conf and add the passive port range to it
TCP_IN = “##,##,##,###,###,###,30000:35000”
Notice in TCP_IN you see 30000:35000 , that’s a range of ports. And based upon what you set for the PassivePortRange in /etc/pureftpd.conf, you should modify TCP_IN in /etc/csf/csf.conf to allow those inbound ports.
Next you need to restart both PureFTP and CSF after making the changes.
When you add your Vlan each port will need to be set to one of these:
Here is the definitions for each network switch Vlan setting:
Allows the port to join multiple VLANs.
Allows VLAN connection to a device that is configured for an untagged VLAN instead of a tagged VLAN. A port can be an untagged member of only one port-based VLAN.
A port can also be an untagged member of only
one protocol-based VLAN for any given protocol type.
For example, if the switch is configured with the default VLAN plus three protocol-based
VLANs that include IPX, then port 1 can be an untagged member of the default VLAN and one of the protocol-based VLANS.
Appears when the switch is not GVRP-enabled; prevents the port from – or – joining that VLAN.
Appears when GVRP is enabled on the switch; allows the port to
dynamically join any advertised VLAN that has the same VID
Prevents the port from joining the VLAN, even if GVRP is enabled on the switch.