Can Server 2008 run an successful secure ftp with IIS web server 7.5?

jeamrotae
jeamrotae used Ask the Experts™
on
Can Server 2008 run an successful secure ftp with IIS web server 7.5?

I have issues with making secure ftp work.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Aaron TomoskyDirector of Solutions Consulting

Commented:
Do you mean sftp which is really FTP tunneled through ssh?

Author

Commented:
yes, i think. I get confused with sftp and ftps  ....i purchase a godaddy certificate and used common name ftp.netlanpc.com and it is not working...I bind the site with port 990 in IIS 7.5 and installed the certificate. I am also using basic authenication

Commented:
IIS can secure ftp over ssl.
This is an example of how to do.
Become a Microsoft Certified Solutions Expert

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Top Expert 2011

Commented:
Hello,

FTP over SSH is not supported by IIS ftp. For that you have to use third party FTP application. e.g. Filezilla server is very easy open source FTP application that supports FTP over SSH.

IIS supports FTPS; FTP over SSL. There are no major different between sftp and ftps. Both do encrypt the traffic.

Please go through below article on how to.

http://learn.iis.net/page.aspx/310/what-is-new-for-microsoft-and-ftp-in-iis-7/

Regards,
Sanjay Santoki

Author

Commented:
I think i followed the website how to setup the ftp ssl in iis 7.5 ....my binding port is 990 . I was told to use 990 instead of port 21  and the site name is ftp.netlanpc.com.  And also , I want to use basic authenication so that only a few users can log into the site.

The certificate I purchased from godaddy has a common is ftp.netlanpc.com... I configured everything I am suppose to on the server, i think. I do not know why it is not coming up when I type ftp://ftp.netlanpc.com .

Please note

Before I tried use ftp ssl.

I had the ftp site working with anonymous log it without ssl. But now I just wanted to secure the ftp site better and learn how to do ssl ftp.

I think if i use anonymous log in the site may work (i think iis quarky because of the basic authenication I trying to use instead opening the site to everyone) .

Configured on the server: (note I am hosting netlanpc.com on server and I have A records for www and ftp .

Website is working but the ftp is not.

Ping is working but just can and
dns server

This issue has been giving me alot of trouble. Is there any more help or way of testing the site to work?
Tray896SharePoint Engineer

Commented:
Are you able to telnet to ftp.netlanpc.com over port 990?  That will tell you whether or not it is able to accept connections on that port.  Does it work if you use anonymous access over SSL?  If so, you may just need to grant the proper NTFS permissions for your logins.  Does it work if you use basic authentication without SSL?  By doing these tests you should be able to determine pretty quickly whether it's an issue with the SSL configuration or there is something wrong with how your authentication is setup.

Author

Commented:
I am not getting any by telnet ....is there a way to do everything over (reset everything) because I am sure I had the ftp working anonymously at one point.

Commented:
If you can't connect with telnet check your firewall rules. You could do a quick test by turning the firewall of and try to connect.

Author

Commented:
do iis 7.5 ssl ftp work with browser?

Commented:
No, download filezilla FTP client which supports FTP over SSL.

Author

Commented:
so that is incase then that means when I type ftp://ftp.netlanpc.com in the browser it does not work....

How do test if the ftp works, through filezilla?

Can I test on server with telnet or some other software?

Note I am note sure telnet works because when I try on the c prompt telnet does not work.

Commented:
I think you should go verify your installation step by step.

Step 1
Enable FTP with basic authentication on port 21.

Step 2
Test the ftp from command prompt and verify that it works.
ftp ftp.netlanpc.com

Step 3
Test to connect from another compter with ftp, to make sure that the firewall does't block your ftp connection.

Step 4
If you have succeeded all test above then you can focus on turning on SSL.
Change the settings to require SSL on you web site.
Test local from command prompt and you should get an error message that informs you that your site has a policy that requires SSL.

Step 5
Test from another computer to verify that the FTP is working.

If you use Filezilla use the following settings:
Require explicit FTP over TLS
And set transmission to Passiv

Good Luck

Author

Commented:
Tested the ftp with port 21 without ssl and was successful on the 2008 server and on a client vista machine. so far so good

Author

Commented:
step 4.....I am not sure if this the answer I was supposed get to inform me that it requires ssl?
step-4.jpg

Author

Commented:
step 4 with vista machine...not much luck step 4 from vista

Author

Commented:
With your help I was able to isolate the issue.

I was finally able to resovled the issue by using the filezilla client and my mistake was to pipe the username with the host site. Also, in the client I left the port blank.


Thank you so much....

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial