This post is to demonstrate the process to Configure FileZilla FTP Server with Fortigate Firewall.
FileZilla Server configuration
Connection configuration
![](https://ictfella.com/wp-content/uploads/2022/05/filezilla-server-ftp-connection-protocol.png)
Auto-ban configuration
![](https://ictfella.com/wp-content/uploads/2022/05/filezilla-server-ftp-autoban-config.png)
Passive mode port range
![](https://ictfella.com/wp-content/uploads/2022/05/filezilla-server-ftp-passive-mode-port-range.png)
FTP user configuration
![](https://ictfella.com/wp-content/uploads/2022/05/filezilla-server-ftp-user-config.png)
Fortinet FortiGate Firewall configuration
In virtual IP configuration, we have dedicated public IP, hence 1 to 1 Static NAT is used
![](https://ictfella.com/wp-content/uploads/2022/05/fortigate-ftp-virtual-ip-config-updated.png)
Firewall Policy configuration
![](https://ictfella.com/wp-content/uploads/2022/05/fortigate-firewall-policy-allow-ftp-updated.png)
Common Error
Server sent passive reply with unroutable address. using server address instead.
Error is caused by “passive mode” FTP, the negotiated ports are not open in this case after initial authentication. Define the port range in both the FTP server and FortiGate firewall to fix the problem.
Useful link
Network Configuration – FileZilla Wiki (filezilla-project.org)