Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Windows 2000 TCP/IP Filtering blocks FTP!

Posted on 2004-09-08
5
Medium Priority
?
332 Views
Last Modified: 2012-05-05
Hi,

I have enabled TCP/IP Filtering feature of Windows 2000. I did following setting:

1. Permit all UDP Traffic
2. Permit all IP Traffic
3. Permit TCP Traffic on port 80, 20, 21, 25, 110, 53, 443

With this setup, everything works nicely except FTP. The customers are unable to ftp to their accounts. The can ftp to port 21 but when ftp client connect to random data port after login then the socket error pops-up which is obviously because that random port number is a disallowed ftp port.

My qeustions is, how do I configure tcp/ip filtering to allow FTP also.

Thank you.
0
Comment
Question by:azizparacha
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12010462
It seems your FTP server is setup in passive mode.  This requires the server to have random ports about 1024 open.  You need to change that to active mode to accomplish what you want:
http://slacksite.com/other/ftp.html
0
 
LVL 15

Accepted Solution

by:
adamdrayer earned 2000 total points
ID: 12010513
you can also change the passiveftp range on IIS like so:
http://support.microsoft.com/?id=555022

0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12010597
some more info:
http://www.informit.com/articles/article.asp?p=101750&seqNum=8


It seems that this has to be set on the client side:

How to Change the Internet Explorer FTP Client Mode
------------------------------------------------------------------------------------
Start Internet Explorer.
On the Tools menu, click Internet Options.
Click the Advanced tab.
Under Browsing, click to clear the Enable folder view for FTP sites check box.
Click to select the Use Passive FTP (for firewall and DSL modem compatibility) check box.
Click OK.

and here:
http://www.informit.com/articles/article.asp?p=101750&seqNum=8
excerpt-
You can't configure IIS to switch off passive FTP port support, but in IIS 6 you can configure the port range used, which makes it easier to select a port range and configure your firewall service to pass through the passive FTP traffic.
0
 

Author Comment

by:azizparacha
ID: 12013934
Great help adamdrayer. I have limited passive port range, opened the range in tcp/ip filtering and everything now works just great.. Thanks a lot :+)
0
 
LVL 15

Expert Comment

by:adamdrayer
ID: 12015050
no problem.  thanks
0

Featured Post

Turn your laptop into a mobile console!

The CV211 Laptop USB Console Adapter provides a direct Laptop-to-Computer connection for fast and easy remote desktop access with no software to install.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Downtime reduced, data recovered by utilizing an Experts Exchange Business Account Challenge The United States Marine Corps employs more than 200,000 active-duty Marines with operations in four continents, all requiring complex networking system…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question