NENS24
asked on
IIS 7 FTPS port forwarding
I have setup FTPS using IIS7 which is working fine. I am using filezilla FTP client to establish the FTP connection. Currently have the FTP client pointing to a single public IP externally which is forwarding requests to the FTP server. The problem i am encountering is port forwarding. If i just forward all traffic from that single public IP to the FTP server, i can establish a connection perfect and upload/downlod files. I need to lock down the firewall but don't know what ports are being used or if i can customize within IIS. The only option i could find was customizing the data port channel range which i did and entered those ports on the firewall along with port 21. This did not work. Below is where filezilla is getting hung up.
Response: 150 Opening BINARY mode data connection.
Error: Connection timed out
Error: Failed to retrieve directory listing
Response: 150 Opening BINARY mode data connection.
Error: Connection timed out
Error: Failed to retrieve directory listing
The data channel port range only applies to passive mode (inbound) data channels... active mode data channels (outbound) are selected by the client... you can't control those ports from server side. Some firewall administrators simply decide "too bad, use passive mode" and some allow the server to make an outbound connection on any port over 1024.
ASKER
I'm currently using filezilla FTP client. As you already know, IIS for secure FTP. With my question in mind, what is the best way for me to configure what i already have in place to allow either a certain port range or single ports inbound?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Question was never answered.