Setup a secure FTP server on IIS FTP 7.5 with cisco ASA5505

Looking for suggestions (and brief setup tutorial) of which secure FTP setup is best.
FTP over SSL (Explicit)
FTP over SSL (Implicit)
From what I've read it seems most people prefer SFTP rather than FTP over SSL, what are the benefits? Also what is the setup process for SFTP (if that is in fact the best method) and what ports need to be forwarded?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Jody LemoineNetwork ArchitectCommented:
The key benefit of SFTP on SSH over FTP over SSL is the use of a single port for file transfer.  With any form of FTP, application layer gateways have to be configured on the firewall to snoop the data ports that are dynamically assigned by the protocol.  SFTP uses SSH and thus everything travels over 22/tcp (or whatever alternate port you'd like to use) and needs only a single forwarded port.

If you want a quick and simple SFTP setup, you can test things out with FreeFTPd ( and forward port 22/tcp on your ASA to whatever machine is running the FreeFTPd application.

For a client, FileZilla ( will support both FTP and SFTP nicely.
ZachToubaAuthor Commented:
Do most FTP clients support SSH FTP? This FTP server will be connected to by people on both Mac and Windows, also several different companies are connecting to move large graphics files. I'm sure the people connecting already have an FTP program they have been using for years, are comfortable with, and also probably have many of their other clients FTP server's info saved in them.

I would prefer to use the built-in IIS FTP 7.5 service, is it possible to use it with SSH? Are there any disadvantages to using FreeFTPd rather than the IIS version?
Jody LemoineNetwork ArchitectCommented:
SFTP is a completely different protocol from FTP and requires clients that specifically support it.  The one mentioned earlier (FileZilla) supports both Windows and Macintosh.

Unfortunately, to the best of my knowledge, IIS does not support SFTP.  It does support FTPS, but this has the same random port problem that non-encrypted FTP has.

FreeFTPd is a *simple* implementation and has limited support for any advanced or custom options.  If you want to use SFTP and have needs beyond this, a commercial server package is recommended.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Server Software

From novice to tech pro — start learning today.