fir3net
PPS-Firenetbanner-780.5x190-30-03-17

How to define a passive FTP port range in IIS 7

Within this article we will describe the required steps for defining a specific passive FTP port range within IIS 7.

  1. First of all permit the necessary ports through your edge firewall. Typically you will only need to allow FTP (rather then the data channel ports as well) as most firewalls include a FTP inspection engine that will open these ports dynamically.
  2. Open the IIS Manager, select the computer name, open FTP Firewall Support. Within here add the 'Data Channel Port Range' along with the 'External IP address'. The External IP address should be the internal IP address assigned to the server (i.e 10.x.x.x/172.16.x.x/192.168.x.x).
  3. Next restart the IIS service. Then issue a full stop and then start on the "Microsoft FTP Service".

Tags: FTP

About the Author

RDonato

R Donato

Rick Donato is the Founder and Chief Editor of Fir3net.com. He currently works as a Principal Network Security Engineer and has a keen interest in automation and the cloud.

You can find Rick on Twitter @f3lix001