Port 21 is showing open with anonymous login
When I do a port scan on the wan port it shows port 21 open with anonymous login accepted.
I have a complete block rule in place except for ping response, why is it still showing port 21 open
I'm new to PFSense, but not new to networks, so I hope this isn't too off. Did you do the port scan from the interface side that you applied the block rule to?
Example: If you applied the block rule on your WAN interface, but you did an port scan from your LAN interface, you may not get the same results.
And what ftp service do you think is running on pfsense that this could show open, even if you did not have the wan block rule in place?
There is no ftp service in pfsense. Did you port forward ftp to something inside? Do you have device in front of pfsense?
do a simple netstat or sockstat -l, do you see pfsense listening on 21?? I know for sure that is not the case out of the box and by default all inbound traffic blocked.. So you either forwarded or opened up a rule on the wan and installed something or you scanning something other than pfsense in the first place. Most likely your router in front of pfsense.