Solved

Cannot connect to FTP while Windows Firewall is on

Posted on 2013-12-27
8
647 Views
Last Modified: 2014-01-20
We are setting up FTP for Server1 (Win 2008). Windows Firewall needs to be on, as other programs depend on it.

When testing:
When Windows Firewall is on, the connection times out; but when the Firewall is off it tries to connect.
We added all default FTP rules, as well as allow port 21-23 on TCP and UDP, but still times out when trying to connect.

Has anyone ran into this and a fix for it?
0
Comment
Question by:jjwolven
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 18

Expert Comment

by:Jeremy Weisinger
ID: 39742451
Creating port exceptions won't work if the server is in active mode. You can try passive mode or, better yet, create a program firewall exception. That way any ports the program uses will automatically be allowed when it's listening on them.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39742456
You need to add the FTP program as an application to the firewall rules.  FTP uses ports 21 and 20 plus 'ephemeral' ports above port 1024.  The ephemeral ports change with every connection and/or data transfer.  See if this page helps: http://www.iis.net/learn/publish/using-the-ftp-service/configuring-ftp-firewall-settings-in-iis-7
0
 

Author Comment

by:jjwolven
ID: 39742483
So, if we are using Filezilla, we should setup an exception on the server's firewall for that program?

I thought that Filezilla was just making an FTP request to the server and that the filezilla program was not identifiable as the program being used.
What if I am just trying to FTP through Windows Explorer?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 14

Expert Comment

by:comfortjeanius
ID: 39742495
Did you allow "Host Process for Windows Services"?

Windows key + r

Type: firewall.cpl

Click on "Allow a program or feature through Windows Firewall"

Make sure you have the appropriate boxes checked on "FTP Server"

Now check to see if you have "Host Process for Windows Services" allowed through the firewall.

If not click on "Allow another Program" ----> Browse to the C:\\Windows\System32 -------> svchost.exe ------> click "Open" -----> Click to "Add" "Host Process for Windows Services"

Now check the appropriate boxes and test the results.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 39742841
You will need to provide the firewall exception for the FTP server program that is on the server.  Filezilla client from another computer generally doesn't have a problem unless the server side isn't working.
0
 
LVL 5

Expert Comment

by:chanderpal singh rathore
ID: 39748009
Hi,

Windows Firewall can prevent an FTP connection. You can adjust the setting to allow FTP connections by doing the following:

Go to your Control Panel by clicking on the Windows Orb and clicking on "Control Panel". Click on "Network and Internet".  Click on "Windows Firewall". Click on "Change Setting" and then click on the "Exceptions" tab. Under that tab, put a check mark next to the FTP port 43. This should allow connections to FTP sites. Click "OK" on the Firewall settings and close the other windows. I would then restart your computer and try to connect to the FTP site again.
0
 

Author Comment

by:jjwolven
ID: 39748911
The FTP server program is the built in FTP in Windows.

We have allowed ports 20, 21, 22, and 43 without success, though the FTP is internal.
0
 
LVL 83

Accepted Solution

by:
Dave Baldwin earned 500 total points
ID: 39749062
FTP also uses 'ephemeral' ports above 1024.  You can't just set a group of ports like that because FTP uses many others in it's normal operation.  You have to make the exception for the FTP Program, not just ports.  Did you read this article from Microsoft: http://www.iis.net/learn/publish/using-the-ftp-service/configuring-ftp-firewall-settings-in-iis-7
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question