I prefer to use FileZilla FTP Server above the traditional IIS FTP module. FileZilla comes with a lite and lean GUI, great logging tools, connection (speed)limits and more. If you do not know FileZilla Server or the Filezilla Client I strongly encourage you to try them out at https://filezilla-project.org/
Setting up the FileZilla Server is straightforward, but after configuration the user/groups and directory you can have some trouble setting up the Windows Server 2012 Firewall. Traditional FTP uses port 21, you should open this on your Firewall (see below) but even after opening up this port some errors can rise to the occasion when using passive ftp.
If you haven’t use Filezilla Server before it is a pretty decent and easy to manage FTP/FTPS solution. While I don’t care for the Filezilla client (for several reasons, one of them being that it stores saved passwords in plaintext on your machine), the server software is okay it runs nicely on Windows Server 2012 R2 and it is. FileZilla FTP server is a very popular open-source solution. We can use it either as a desktop side solution or as a full server side solution. The desktop side solution is useful for a small installations. However, when we need a larger amount of the traffic or to server more users, the server side solution is only reasonable choice. FileZilla will install a service that runs whenever Windows boots up, so if you would rather only run the FTP server manually, select the appropriate option from the drop-down menu on the third screen. Source: www.howtogeek.com Once you are done with the FileZilla installation, the FileZilla interface will open.
I had the following problem:
When port 21 is configurated in the Firewall, and you have setup the users/groups in the FileZilla Server setup you still can encounter the problem above. By default the FTP client will connect through
passive mode, and opens a random port between 1-65535. Now this is a wide range and I do not recommend opening all these ports. Instead you can limit the range of these ports to let's say: 50100-51100.
So lets do this, configure FileZilla Server Passive Port Range:
- Open up the FileZilla GUI on your server.
- Click on the top menu
- From the tree menu click on
Passive mode settings.
- Now make sure the checkbox
Use custom port rangeis checked and enter
50100in the first box a and
51100in the second.
- Click OK
Now that you have finished setting up the custom port we can move forward to the Windows Server 2012 Firewall.
Configurating the Firewall
Lets open up the Firewall panel, press the Windows key on your keyboard and start typing
firewall. The result should be
Windows Firewall with advanced.... Click it or hit enter.
(Pro tip ;-) hit
Windows Key + R ->
firewall.cpl -> hit
- From the tree, select Inbound Rules.
- In the right panel, click
- A windows pops up, select
Portand click next.
- Make sure TCP is selected, and enter
50100-51100in the Specific local ports field.
Nextand make sure the
Allow connectionoption is selected. Then hit Next again.
- Select the zones where this rule need to be applied (in my case I have selected all the zones).
- Click Next and give this rule a recognizable name:
Passive FTP Ports - FileZilla.
- Click on Finish, and your done.
In case you have not yet added port 21 to the Firewall you can use the same steps, but instead of using port 50100-51100 just use port 21.
When connecting to your FTP Server the result now should be:
Feel free to comment or contact me!