SFTP ports, IIS, ASA
Posted on 2014-01-06
Server 2008 R2 Standard, IIS 7.5. Trying to set up SFTP (SSL) site for a single vendor. I want to open ports on ASA, for only their IP address. However, during testing I see that SFTP uses two ports, TCP 22 and then a randomly generated TCP port (Data Channel) in the 57K plus range (at least from logs so far).
I've gone into IIS and set Data Channel port range, but when I'm testing it is not using this 5 port range I configured, it is still randomly generated.
Obviously this sort of creates a problem from the Firewall point of view, as I do not know what ports will be used for the data channel.