I was trying to FTP into a new server I had just setup and couldn’t. I received this error message:
Server sent passive reply with unroutable address. Using server address instead
The error message was specifically in FileZilla whereas many other FTP clients may just give an error such as “Could not connect” or something similar. Then you know a connection cannot be made to the FTP server.
It happens specifically with passive mode FTP and it turns out there are 3 possible causes for this problem depending on your server setup. Or it could be both of the problems really.
By default, cPanel/WHM uses Pure-FTPD, so we’ll work with that.
Here are 3 things you should check:
1. Set Passive Port Range in FTP Server
Make sure that the passive port range is specified in the configuration of the FTP server.
/etc/pure-ftpd.conf file on your server and make sure the following line is uncommented (hash # is removed at the start of the line) and that it is specified correctly:
PassivePortRange 30000 50000
Then restart the FTP server with the following command:
systemctl restart pure-ftpd.service
2. Allow Port Range for TCP in Firewall
If you’re running a firewall of some sort, make sure that the passive port range is allowed for TCP connections into the server in the firewall. If you’re running CSF, open the
/etc/csf/csf.conf file and add the
30000:50000 port range to
# Allow incoming TCP ports TCP_IN = "20,21,22,25,53,80,110,30000:50000"
I noticed that even if you configure this in the CSF configuration settings in WHM it doesn’t seem to work and this is a different configuration file being used.
Restart CSF when you’re done doing this.
3. Force Passive FTP IP Address
/etc/pure-ftpd.conf again and make sure that
ForcePassiveIP is uncommented and that your server’s primary IP address is specified.
Note that if you set this IP address, users won’t be able to connect via FTP using a different IP address on the server so rather let users use the hostname to connect via FTP which resolves to this primary IP address.
Restart Pure-FTPD service when you’re done doing this.
This solved the problem for me and I believe I had #1 and #2 set but #3 was ultimately the issue that gave the Server sent passive reply with unroutable address. Using server address instead error message, good luck and I hope it helps!