How to define a passive FTP port range in IIS 7

Within this article we will describe the required steps for defining a specific passive FTP port range within IIS 7.

  1. First of all permit the necessary ports through your edge firewall. Typically you will only need to allow FTP (rather then the data channel ports as well) as most firewalls include a FTP inspection engine that will open these ports dynamically.
  2. Open the IIS Manager, select the computer name, open FTP Firewall Support. Within here add the ‘Data Channel Port Range’ along with the ‘External IP address’. The External IP address should be the internal IP address assigned to the server (i.e 10.x.x.x/172.16.x.x/192.168.x.x).
  3. Next restart the IIS service. Then issue a full stop and then start on the “Microsoft FTP Service”.
Rick Donato

Want to become a Windows expert?

Here is our hand-picked selection of the best courses you can find online:
Windows Server 2019 Administration course
Windows 10 Troubleshooting course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial