| NETWORK: Networking requisites | |||
|---|---|---|---|
| Firewall configuration for the Westpay card terminals | |||
| Purpose | Destination | Port | Incoming/Outgoing: |
All terminals |
|||
| Software updates |
31.15.40.250 |
21 (Passiv FTP) |
YES/YES |
| Logfile upload |
https://logs.westpay.se |
443 | x/YES |
West Payment Gateway production terminals |
|||
| Configuration download, (PPL) |
185.27.171.151 |
55101 (Passiv FTP) | YES/YES |
| SPDH Host traffic, (primary Host) |
185.27.171.151 |
55102 (TCP) | YES/YES |
| SPDH Host traffic, (secondary Host) |
185.27.171.152 |
55102 (TCP) | YES/YES |
Passive Mode FTP
In passive mode, the client still initiates a command channel (control connection) to the server. However, instead of sending the PORT command, it sends the PASV command, which is basically a request for a server port to connect to for data transmission. When the FTP server replies, it indicates what data port number it has opened for the ensuing data transfer.
Here's how passive mode works in a nutshell:
- The client connects from a random port to port 21 on the server and issues the PASV command. The server replies, indicating which (random) port it has opened for data transfer.
- The client connects from another random port to the random port specified in the server's response. Once connection is established, data transfers are made through these client and server ports.