FTP/FTPS

At Control Panel > File Services > FTP, you can enable FTP services to allow clients to access folders and data on the system. Before enabling FTP, make sure the following TCP ports of your router are being forwarded to the Synology NAS device: 21 (default control connection), 20 (data connection for active mode) and 55536-55567 (data connection for passive mode).

To enable FTP service:

  1. Enable one of the following:
    • Enable FTP service (No encryption): This is the standard network protocol used to transfer files. FTP does not provide any encryption to protect information during transfer sessions, such as passwords, usernames, or files. However, transfer speeds are faster and require less system resources.
    • Enable FTP SSL/TLS encryption service (FTPS): A continuation of standard FTP with additional support for Transport Layer Security (TLS) and Secure Sockets Layer (SSL) cryptographic protocols, which protects information during transfer sessions, such as passwords, usernames, or files. However, transfer speeds are slower and consume more system resources due to encryption.
  2. Click Apply.

Timeout

FTP server will disconnect idle users after the specified period of time.

Port Number Setting of FTP Service

This section allows you to specify the port used for the FTP control channel.

Note:

The default port number for FTP control channel is 21. It can be set from 1 to 65535, excluding the following numbers: 20, 22, 23, 25, 80, 110, 137, 138, 139, 143, 199, 443, 445, 515, 543, 548, 587, 873, 993, 995, 3306, 3689, 5000, 5001, 5005, 5006, 5335, 5432, 6881, 8080, 7000, 7001, 8081, 9997, 9998, 9999, 50001, 50002, and eMule default ports: 4662 (TCP), 4672(UDP).

Port Range of Passive FTP

This section allows you to specify the port range used for Passive FTP connections. You can use the default port range or specify a custom range. The port range can be set from 1025 to 65535, and can contain up to 128 ports.

Reporting External IP in PASV Mode

By enabling this option, the server will report its external IP address to FTP clients. The reported IP address will be displayed in the FTP client's connection log. Once enabled, you can choose the automatically detected external IP address or manually input the external IP address of the Synology NAS.

This option only works when the Synology NAS is behind a NAT, and the FTP clients belong to a different subnet than the Synology NAS does. In most cases, this option is unnecessary, but if FTP clients fail to connect to the Synology NAS, then you can enabled this option and try again.

Enabling FXP

FXP stands for File eXchange Protocol. By enabling this option, FTP service will support server-to-server file transfer function.

Enabling FIPS Cryptographic Module

FIPS is supported on FTPS service using OpenSSL FIPS 140-2 validated cryptography module (Certificate #1747). By enabling this option, additional secure cryptography algorithms will be used by FTPS service to provide more secure sessions.

Supporting ASCII Transfer Mode

Enable this option to support ASCII transfer mode, allowing the Synology NAS to properly transfer ASCII formatted plain text files via FTP.

UTF-8 Encoding

This option can be used to help FTP clients correctly display and handle files with multilingual filenames. To meet the needs of various FTP clients, the following three options are provided:

  • Disable: UTF-8 encoding will not be used. This option is intended for clients using Windows File Explorer as an FTP client to upload/download files with multilingual filenames. It is not recommended for normal usage.
  • Auto: Let DSM automatically determine how to handle UTF-8 encoding. This option is recommended for normal usage.
  • Force: Force usage of UTF-8 encoding. If you have enabled UTF-8 encoding on your FTP client and it still fails to correctly display and handle files with multilingual filenames, select this option.

Connection Restriction

This section includes the following options.

  • Limit connections per IP: When this function is enabled, the server will limit the maximum connections per IP. Enable this function and FTP bandwidth restriction to have effective bandwidth management.
  • Enable FTP bandwidth restriction: Enable this function to restrict the bandwidth of single FTP connection.

Note:

  • The "guest" account cannot log in to the server via FTP.
  • The codepage setting on the FTP client computer must be the same as that of the Synology NAS in order to access the data correctly.
  • On some specific models, FTP service supports connecting using SSL or TLS.
  • The firewall settings of your FTP client and two FTP servers should be configured correctly, or FXP function may not work well.
  • Certain FTP clients, such as those using Internet Explorer 8/9, need to login with their username and password. For example: ftp://username:password@your.ftp.com.