Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Cannot connect to FTP while Windows Firewall is on

Posted on 2013-12-27
8
Medium Priority
?
690 Views
Last Modified: 2014-01-20
We are setting up FTP for Server1 (Win 2008). Windows Firewall needs to be on, as other programs depend on it.

When testing:
When Windows Firewall is on, the connection times out; but when the Firewall is off it tries to connect.
We added all default FTP rules, as well as allow port 21-23 on TCP and UDP, but still times out when trying to connect.

Has anyone ran into this and a fix for it?
0
Comment
Question by:jjwolven
8 Comments
 
LVL 22

Expert Comment

by:Jeremy Weisinger
ID: 39742451
Creating port exceptions won't work if the server is in active mode. You can try passive mode or, better yet, create a program firewall exception. That way any ports the program uses will automatically be allowed when it's listening on them.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39742456
You need to add the FTP program as an application to the firewall rules.  FTP uses ports 21 and 20 plus 'ephemeral' ports above port 1024.  The ephemeral ports change with every connection and/or data transfer.  See if this page helps: http://www.iis.net/learn/publish/using-the-ftp-service/configuring-ftp-firewall-settings-in-iis-7
0
 

Author Comment

by:jjwolven
ID: 39742483
So, if we are using Filezilla, we should setup an exception on the server's firewall for that program?

I thought that Filezilla was just making an FTP request to the server and that the filezilla program was not identifiable as the program being used.
What if I am just trying to FTP through Windows Explorer?
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
LVL 14

Expert Comment

by:comfortjeanius
ID: 39742495
Did you allow "Host Process for Windows Services"?

Windows key + r

Type: firewall.cpl

Click on "Allow a program or feature through Windows Firewall"

Make sure you have the appropriate boxes checked on "FTP Server"

Now check to see if you have "Host Process for Windows Services" allowed through the firewall.

If not click on "Allow another Program" ----> Browse to the C:\\Windows\System32 -------> svchost.exe ------> click "Open" -----> Click to "Add" "Host Process for Windows Services"

Now check the appropriate boxes and test the results.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 39742841
You will need to provide the firewall exception for the FTP server program that is on the server.  Filezilla client from another computer generally doesn't have a problem unless the server side isn't working.
0
 
LVL 5

Expert Comment

by:chanderpal singh rathore
ID: 39748009
Hi,

Windows Firewall can prevent an FTP connection. You can adjust the setting to allow FTP connections by doing the following:

Go to your Control Panel by clicking on the Windows Orb and clicking on "Control Panel". Click on "Network and Internet".  Click on "Windows Firewall". Click on "Change Setting" and then click on the "Exceptions" tab. Under that tab, put a check mark next to the FTP port 43. This should allow connections to FTP sites. Click "OK" on the Firewall settings and close the other windows. I would then restart your computer and try to connect to the FTP site again.
0
 

Author Comment

by:jjwolven
ID: 39748911
The FTP server program is the built in FTP in Windows.

We have allowed ports 20, 21, 22, and 43 without success, though the FTP is internal.
0
 
LVL 84

Accepted Solution

by:
Dave Baldwin earned 1500 total points
ID: 39749062
FTP also uses 'ephemeral' ports above 1024.  You can't just set a group of ports like that because FTP uses many others in it's normal operation.  You have to make the exception for the FTP Program, not just ports.  Did you read this article from Microsoft: http://www.iis.net/learn/publish/using-the-ftp-service/configuring-ftp-firewall-settings-in-iis-7
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
A phishing scam that claims a recipient’s credit card details have been “suspended” is the latest trend in spoof emails.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Suggested Courses

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question