I can log in from outside but can’t get a directory list. My client goes through the login part in pasiv the server changes the port does an ls and nothing happens after that but a timeout. I’m guessing pasiv is automatically on in my version of vsftpd because the option isn’t in my config file but the server seems to be dong it. I’m guessing that the firewall is blocking the connection after the port change, since those ports are not open and this is what’s keeping it from showing the directorys?

So before I call my isp and get them to monkey around in the router. Should I tell them to set an outbound rule? And I’m guessing I should add pasv_min_port=65525
pasv_max_port=65535 to the config and give the isp the range of 65525-65535 for the outbound rule?

Here is my config file incase the problem is here.

listen=YES
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=NO
anon_mkdir_write_enable=NO
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_std_format=NO
idle_session_timeout=600
data_connection_timeout=120
nopriv_user=ftpsecure
ftpd_banner=Welcome to FTCGC's FTP service.
chroot_local_user=YES
secure_chroot_dir=/var/run/vsftpd
pam_service_name=vsftpd
rsa_cert_file=/etc/ssl/certs/vsftpd.pem
user_config_dir=/vsftpd/user_conf

Edit:
I added
pasv_min_port=65525
pasv_max_port=65535
to the config and told my isp to open the ports cant tell if it worked till I get home as I cant access it from inside the internal network using the externa ip. Hopefully it’s fixed

Internally at least PASV is working and using the ports I told it to. So I assume that if my isp opens the ports on the manages firewall everything should be good.