• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1256
  • Last Modified:

Setup a secure FTP server on IIS FTP 7.5 with cisco ASA5505

Looking for suggestions (and brief setup tutorial) of which secure FTP setup is best.
FTP over SSL (Explicit)
FTP over SSL (Implicit)
SFTP over SSH
From what I've read it seems most people prefer SFTP rather than FTP over SSL, what are the benefits? Also what is the setup process for SFTP (if that is in fact the best method) and what ports need to be forwarded?
0
ZachTouba
Asked:
ZachTouba
  • 2
1 Solution
 
Jody LemoineNetwork ArchitectCommented:
The key benefit of SFTP on SSH over FTP over SSL is the use of a single port for file transfer.  With any form of FTP, application layer gateways have to be configured on the firewall to snoop the data ports that are dynamically assigned by the protocol.  SFTP uses SSH and thus everything travels over 22/tcp (or whatever alternate port you'd like to use) and needs only a single forwarded port.

If you want a quick and simple SFTP setup, you can test things out with FreeFTPd (http://www.freesshd.com/) and forward port 22/tcp on your ASA to whatever machine is running the FreeFTPd application.

For a client, FileZilla (http://www.filezilla-project.org) will support both FTP and SFTP nicely.
0
 
ZachToubaAuthor Commented:
Do most FTP clients support SSH FTP? This FTP server will be connected to by people on both Mac and Windows, also several different companies are connecting to move large graphics files. I'm sure the people connecting already have an FTP program they have been using for years, are comfortable with, and also probably have many of their other clients FTP server's info saved in them.

I would prefer to use the built-in IIS FTP 7.5 service, is it possible to use it with SSH? Are there any disadvantages to using FreeFTPd rather than the IIS version?
0
 
Jody LemoineNetwork ArchitectCommented:
SFTP is a completely different protocol from FTP and requires clients that specifically support it.  The one mentioned earlier (FileZilla) supports both Windows and Macintosh.

Unfortunately, to the best of my knowledge, IIS does not support SFTP.  It does support FTPS, but this has the same random port problem that non-encrypted FTP has.

FreeFTPd is a *simple* implementation and has limited support for any advanced or custom options.  If you want to use SFTP and have needs beyond this, a commercial server package is recommended.

0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now