Хостинг от ERA Host
EraHost – Free Domain, Cheap Hosting!
Client Area
Support 24/7
USD

Select Currency

USD - United States Dollar
EUR - Euro
GBP - British Pound
CAD - Canadian Dollar
CHF - Swiss Franc
JPY - Japanese Yen
AUD - Australian Dollar
TRY - Turkish Lira
CNY - Chinese Yuan
INR - Indian Rupee
UAH - Ukrainian Hryvnia
AED - United Arab Emirat...United Arab Emirates Dirham
AMD - Armenian Dram
AOA - Angolan Kwanza
ARS - Argentina Peso
AWG - Aruba Guilder
AZN - Azerbaijanian Mana...Azerbaijanian Manat
BAM - Bosnian Convertibl...Bosnian Convertible Marka
BDT - Bangladesh Taka
BGN - Bulgarian Lev
BHD - Bahraini Dinar
BIF - Burundian Franc
BMD - Bermudian Dollar
BND - Brunei Dollar
BOB - Bolivian Boliviano
BRL - Brazilian Real
BSD - Bahamian Dollar
BTN - Bhutanese Ngultrum
BWP - Botswana Pula
BZD - Belize Dollar
CLP - Chilean Peso
CRC - Costa Rican Colon
CVE - Cape Verdean Escud...Cape Verdean Escudo
CZK - Czech Koruna
DJF - Djiboutian Franc
DKK - Danish Krone
DOP - Dominican Peso
DZD - Algerian Dinar
EGP - Egyptian Pound
ETB - Ethiopian Birr
FJD - Fijian Dollar
FKP - Falkland Island Po...Falkland Island Pound
GEL - Georgian Lari
GGP - Guernsey Pound
GHS - Ghanaian Cedi
GMD - Gambian Dalasi
GTQ - Guatemalan Quetzal
GYD - Guyanese Dollar
HKD - Hong Kong Dollar
HNL - Honduran Lempira
HRK - Croatian Kuna
HUF - Hungarian Forint
ILS - Israeli New Shekel
IMP - Isle of Man Pound
ISK - Icelandic Krona
JEP - Jersey Pound
KES - Kenyan Shilling
KGS - Kyrgystani Som
KMF - Comorian Franc
KRW - South Korean Won
KWD - Kuwaiti Dinar
KZT - Kazakhstani Tenge
LAK - Lao Kip
LKR - Sri Lankan Rupee
LRD - Liberian Dollar
LSL - Lesotho Loti
LTL - Lithuanian Litas
LVL - Latvian Lats
MAD - Moroccan Dirham
MDL - Moldovan Leu
MKD - Macedonian Denar
MNT - Mongolian Tugrik
MOP - Macanese Pataca
MRO - Mauritanian Ouguiy...Mauritanian Ouguiya
MUR - Mauritian Rupee
MVR - Maldivian Rufiyaa
MXN - Mexican Peso
MYR - Malaysian Ringgit
MZN - Mozambican Metical
NAD - Namibian Dollar
NIO - Nicaraguan Cordoba...Nicaraguan Cordoba Oro
NOK - Norwegian Krone
NPR - Nepalese Rupee
NZD - New Zealand Dollar
OMR - Omani Rial
PEN - Peruvian Nuevo Sol
PGK - Papua New Guinean...Papua New Guinean Kina
PKR - Pakistani Rupee
PLN - Polish Zloty
PYG - Paraguayan Guarani
QAR - Qatari Riyal
RON - Romanian New Leu
RSD - Serbian Dinar
RWF - Rwandan Franc
SAR - Saudi Riyal
SBD - Solomon Islands Do...Solomon Islands Dollar
SCR - Seychellois Rupee
SEK - Swedish Krona
SGD - Singapore Dollar
SHP - St. Helena Pound
SRD - Surinamese Dollar
SVC - Salvadoran Colon
SZL - Swazi Lilangeni
THB - Thai Baht
TJS - Tajikistani Somoni
TMT - Turkmenistani Mana...Turkmenistani Manat
TND - Tunisian Dinar
TOP - Tongan Pa`anga
TWD - New Taiwan Dollar
UYU - Uruguayan Peso
WST - Samoan Tala
ZMW - Zambian Kwacha
Menu
EraHost – Free Domain, Cheap Hosting!
Хостинг от ERA Host
  • Registration
  • 24/7 Support
    24/7 Support
Home  ›  Blog  ›  Troubleshooting

Fix "EAI_NONAME FTP Error" – Firewall Blocking FTP Connections

Table of Contents: Understanding the Error Check If Firewall Is Blocking FTP Allow FTP in Windows Firewall Allow FTP in Linux Firewalls Check Router Settings & Port Forwarding Use Passive Mode in FileZilla
Firewall Blocking FTP Connection Error

The "EAI_NONAME - Neither nodename nor servname provided, or not known" FTP error often indicates DNS resolution issues, but if your firewall is blocking FTP traffic, you may experience connection timeouts or refused connections alongside this error. This guide focuses specifically on configuring firewalls on Windows, Linux (UFW/Firewalld/Iptables), and routers to allow FTP access.

Error Context: While EAI_NONAME suggests a DNS problem, it can appear when firewalls block the initial FTP connection or DNS queries. If you've already checked DNS settings and the error persists, firewall configuration is the likely culprit. This error commonly affects FileZilla, WinSCP, and other FTP clients.

Understanding the Error

The EAI_NONAME error combined with FTP connection failures typically means:

  1. The FTP client successfully resolves the hostname to an IP address (DNS works)
  2. But the firewall blocks the actual FTP connection attempt (TCP ports 21, 20, or 990)
  3. Or the firewall blocks DNS queries before the connection even attempts

Firewalls can block FTP at multiple levels:

  • Local software firewall: Windows Defender, third-party antivirus
  • Operating system firewall: UFW, Firewalld, iptables on Linux
  • Network firewall: Router/access point security settings
  • Corporate/ISP firewall: Network-level blocking of FTP ports

Check If the Firewall Is Blocking FTP

Before modifying firewall settings, verify that FTP ports are actually being blocked.

Test FTP Port Connectivity

Using Netcat (Cross-Platform):

# Test standard FTP port (21) nc -zv ftp.yourdomain.com 21 # Test FTPS port (990) nc -zv ftp.yourdomain.com 990 # Test from a specific source port (if needed) nc -zv -p 50000 ftp.yourdomain.com 21

Using Telnet:

# Windows/Linux/macOS (if telnet is installed) telnet ftp.yourdomain.com 21

Using PowerShell (Windows):

Test-NetConnection -ComputerName ftp.yourdomain.com -Port 21

Interpretation of Results:

Result Meaning Action
Connection succeeded
Connected to ftp.yourdomain.com port 21		 FTP port is open and accessible Firewall is not blocking; check other issues
Connection refused
Connection refused		 Port is closed or service not running Check if FTP server is running, then firewall
Timeout
Operation timed out		 Firewall is actively blocking/dropping packets Configure firewall to allow FTP traffic
No route to host Network connectivity issues Check network configuration and routing

Allow FTP in Windows Firewall

Method 1: Allow Specific FTP Application

  1. Open Control Panel > System and Security > Windows Defender Firewall
  2. Click "Allow an app or feature through Windows Defender Firewall"
  3. Click "Change settings" (requires administrator privileges)
  4. Find your FTP client (FileZilla, WinSCP, etc.) in the list
  5. If not listed, click "Allow another app..." and browse to the executable:
    • FileZilla: C:\Program Files\FileZilla FTP Client\filezilla.exe
    • WinSCP: C:\Program Files (x86)\WinSCP\WinSCP.exe
  6. Check both Private and Public network boxes
  7. Click OK to save

Method 2: Open FTP Ports Manually (Advanced)

  1. Open Windows Defender Firewall with Advanced Security
    # Open via Run dialog (Win+R) wf.msc
  2. In the left pane, select Inbound Rules
  3. Click New Rule... in the right Actions pane
  4. Select Port > Next
  5. Select TCP and enter 21 in "Specific local ports"
  6. Select Allow the connection > Next
  7. Check all three profiles (Domain, Private, Public) > Next
  8. Name: "FTP Control Port 21" > Finish
  9. Repeat for port 20 (FTP Data) and 990 (FTPS) if needed

Method 3: Windows Security App (Windows 10/11)

  1. Open Windows Security (shield icon in system tray)
  2. Go to Firewall & network protection
  3. Click "Allow an app through firewall"
  4. Click "Change settings" > Add your FTP client > Check network types > OK
Third-Party Antivirus: Applications like Norton, McAfee, Kaspersky, or Bitdefender have their own firewalls that override Windows Defender. Check these applications' settings and temporarily disable them for testing if FTP connections work.

Allow FTP in Linux Firewalls

UFW (Ubuntu/Debian)

# Allow standard FTP ports sudo ufw allow 21/tcp # FTP control connection sudo ufw allow 20/tcp # FTP data connection (active mode) # For FTPS (FTP over SSL/TLS) sudo ufw allow 990/tcp # For passive FTP, allow a port range (e.g., 30000:50000) sudo ufw allow 30000:50000/tcp # Apply changes sudo ufw reload # Verify rules sudo ufw status numbered

Firewalld (CentOS/RHEL/Fedora)

# Add FTP service (opens ports 21, 20, 990) sudo firewall-cmd --add-service=ftp --permanent # For passive FTP, add a custom port range sudo firewall-cmd --add-port=30000-50000/tcp --permanent # For explicit FTPS (if not included in ftp service) sudo firewall-cmd --add-port=21/tcp --permanent sudo firewall-cmd --add-port=990/tcp --permanent # Apply changes sudo firewall-cmd --reload # Verify configuration sudo firewall-cmd --list-all sudo firewall-cmd --list-ports

Iptables (Manual Configuration)

# Allow FTP control connection sudo iptables -A INPUT -p tcp --dport 21 -j ACCEPT # Allow FTP data connection (active mode) sudo iptables -A INPUT -p tcp --dport 20 -j ACCEPT # Allow FTPS sudo iptables -A INPUT -p tcp --dport 990 -j ACCEPT # For passive FTP, allow a range sudo iptables -A INPUT -p tcp --dport 30000:50000 -j ACCEPT # Allow related/established connections sudo iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT # Save rules (distribution-dependent) # For systems with iptables-persistent: sudo netfilter-persistent save # For CentOS/RHEL 7+: sudo service iptables save # For others: sudo iptables-save > /etc/iptables/rules.v4
FTP Port Reference:
  • Port 21: FTP control - commands and responses (always needed)
  • Port 20: FTP data - file transfers in active mode (often blocked)
  • Port 990: FTPS (FTP over implicit SSL/TLS) - encrypted control
  • Ports 30000-50000: Common range for passive mode data connections

Check Router Settings & Port Forwarding

If you're connecting to an FTP server behind a home/office router, configure port forwarding.

  1. Log into your router: Typically http://192.168.1.1, http://192.168.0.1, or check the router label
  2. Find Port Forwarding/Virtual Server: Usually under Advanced Settings, Security, or NAT
  3. Add forwarding rules:
    Service Name Protocol External Port Internal Port Internal IP
    FTP Control TCP 21 21 [FTP server's local IP]
    FTP Data (Active) TCP 20 20 [FTP server's local IP]
    FTPS TCP 990 990 [FTP server's local IP]
    FTP Passive Range TCP 30000-50000 30000-50000 [FTP server's local IP]
  4. Save settings and restart router if necessary
Important: If you're the FTP client (not server), you typically don't need port forwarding on your router. Port forwarding is only necessary if you're hosting an FTP server behind a NAT router. As a client, you need outbound rules, which most home routers allow by default.

Use Passive Mode in FileZilla

Passive mode (PASV) is often more firewall-friendly because all connections are initiated by the client.

  1. Open FileZilla
  2. Go to Edit > Settings (Windows) or FileZilla > Settings (Mac)
  3. Navigate to Connection > FTP
  4. Select Passive (recommended) under Transfer mode
  5. Optional: Check "Fall back to active mode"
  6. For specific networks, you may need to configure:
    • Use the server's external IP address instead (if behind NAT)
    • Limit local ports to a specific range for easier firewall rules
  7. Click OK and try connecting
Active vs. Passive Mode:
Aspect Active Mode Passive Mode
Control Connection Client > Server (port 21) Client > Server (port 21)
Data Connection Server > Client (port 20) Client > Server (random port)
Firewall Friendly No - requires inbound to client Yes - all outbound from client
NAT Compatibility Poor Good
Most modern FTP clients default to passive mode for better firewall/NAT compatibility.

Summary of Firewall Fixes for "EAI_NONAME FTP Error"

Firewall System Solution Verification Command
Windows Defender Allow app in firewall settings; open ports 21, 20, 990 Test-NetConnection -ComputerName ftp.server.com -Port 21
UFW (Ubuntu/Debian) sudo ufw allow 21/tcp and port range for passive sudo ufw status numbered
Firewalld (RHEL/CentOS) sudo firewall-cmd --add-service=ftp --permanent sudo firewall-cmd --list-all
Iptables Add ACCEPT rules for FTP ports and save sudo iptables -L -n | grep :21
Router Firewall Configure port forwarding for server; disable SPI firewall for testing External port scanner (e.g., YouGetSignal.com)
Third-Party AV Temporarily disable; add FileZilla to exceptions Connect with security software disabled
FileZilla Settings Switch to Passive mode; verify encryption settings Edit > Settings > Connection > FTP
Final Troubleshooting Steps: If FTP still fails after firewall configuration:
  1. Test with a different FTP client (WinSCP, Cyberduck) to rule out FileZilla-specific issues
  2. Connect from a different network (mobile hotspot) to check ISP blocking
  3. Verify the FTP server is actually running and accessible
  4. Check if you need SFTP (SSH-based, port 22) instead of traditional FTP
  5. Consult with your network administrator for corporate/enterprise environments

Hosting

Cloud Solution

For You

VDS

Website Builders


Our services

Client Area

Contact

ICANN
18+ Service. By continuing to use this website, you agree to the use of cookies. More detailed information can be found on the "What are cookies"page.

Выберите валюту

USD - United States Dollar
EUR - Euro
GBP - British Pound
CAD - Canadian Dollar
CHF - Swiss Franc
JPY - Japanese Yen
AUD - Australian Dollar
RUB - Russian Ruble
TRY - Turkish Lira
CNY - Chinese Yuan
INR - Indian Rupee
UAH - Ukrainian Hryvnia
© 2006 - 2026 EraHost. All rights reserved