|
Home > Archive > IIS FTP Server > December 2005 > Server 2K3 FTP Server, PASV, and Windows Firewall
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Server 2K3 FTP Server, PASV, and Windows Firewall
|
|
| Jason S 2005-12-12, 6:02 pm |
| Hi All:
I have a windows server 2003 (SP1) machine located on the same private
subnet as my workstation. The server is running as an internal Web and FTP
server using IIS 6 for both services.
My problem is that with the internal Windows Firewall turned on, clients can
not connect to the FTP service with Passive (PASV) mode turned ON (which is
the default setting for IE and our other FTP clients).
With Passive mode turned off, and the firewall turned on everything works
fine.
With passive mode turned on, and the firewall turned off everything works
fine.
All other combinations end up with the timeout/could not connect error
messages when the client tries to get the directory listing.
I have tried configuring the PassivePortRange value in IIS' MetaBase, and
tried adding those port values to the Exception list - without success.
So my question is this: is there a way to configure IIS and/or the Windows
Firewall so that the firewall can be on, and allow PASV connections to work?
Thanks in advance,
- Jason
| |
| Bernard Cheah [MVP] 2005-12-20, 8:00 am |
| What port range you specify ?
base on the ftp log file, is it using the specific port range?
--
Regards,
Bernard Cheah
http://www.iis-resources.com/
http://www.iiswebcastseries.com/
http://www.msmvps.com/blogs/bernard/
"Jason S" <Jason S@discussions.microsoft.com> wrote in message
news:1B789FD7-1F03-4416-8785-161C07354F31@microsoft.com...
> Hi All:
>
> I have a windows server 2003 (SP1) machine located on the same private
> subnet as my workstation. The server is running as an internal Web and FTP
> server using IIS 6 for both services.
>
> My problem is that with the internal Windows Firewall turned on, clients
> can
> not connect to the FTP service with Passive (PASV) mode turned ON (which
> is
> the default setting for IE and our other FTP clients).
>
> With Passive mode turned off, and the firewall turned on everything works
> fine.
>
> With passive mode turned on, and the firewall turned off everything works
> fine.
>
> All other combinations end up with the timeout/could not connect error
> messages when the client tries to get the directory listing.
>
> I have tried configuring the PassivePortRange value in IIS' MetaBase, and
> tried adding those port values to the Exception list - without success.
>
> So my question is this: is there a way to configure IIS and/or the Windows
> Firewall so that the firewall can be on, and allow PASV connections to
> work?
>
> Thanks in advance,
> - Jason
|
|
|
|
|