Setup FTP on Windows Server 2008
If you’ve upgraded to Windows Server 2008, you’ll have noticed that it comes with a much better firewall compared to previous versions. It’s also a little more complicated to configure too.
Out of the box, FTP is disabled., you need to enable it, in addition, you’ll also need to upgrade the FTP software to v7.5, as the version that is bundled isn’t up to scratch (typical), though v7.5 is available as a free download from Microsoft. The installation process is simple, though do uninstall the current ftp server software first (v7.0).
Once it’s all setup, configuration is simple via the management console, though FTP firewall rules will need to be added to your server, this is slightly complicated for Passive FTP, as it means opening more ports than perhaps you first think, to do this, you have to resort to the cmd line:
To configure Windows Firewall to allow non-secure FTP traffic, use the following steps:
- Open a command prompt: click Start, then All Programs, then Accessories, then Command Prompt.
- To open port 21 on the firewall, type the following then hit enter:
netsh advfirewall firewall add rule name="FTP (non-SSL)" action=allow protocol=TCP dir=in localport=21
- To enable stateful FTP filtering that will dynamically open ports for data connections, type the following syntax then hit enter:
netsh advfirewall set global StatefulFtp enable
Now you need to go back into the FTP Firewall support option in the management console and setup a port range (something high like 50000-55000).
Additional Information:
More indepth information is available on the IIS site: Configuring Firewall FTP Settings.
Tags: firewall, ftp, windows server 2008
Leave a Reply