Re: FTP on Server 2008

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

"Tim Judd" <tjudd01@xxxxxxxxxxx> wrote in message
news:%23FP8d2NTKHA.4364@xxxxxxxxxxxxxxxxxxxxxxx
Steve wrote:
I have one Server 2008 just ahead main ADSL router. Through port
forwarding I can access it from outside.
I have enabled ports 21 and 443 also, but cannot access to the Server.

I checked telnet server 21 and 443 from this server, but it isn't opened,
even FTP is enabled in Windows Firewall with Advanced Security.

Please help, how to open ports 21, 80 and 443 on Server 2008?

FTP is still having problems through firewalls. It's a protocol designed
before firewalls, so the concept of passing through firewalls is foreign
to it. So far, all we have are workarounds to a protocol that doesn't
naturally fit on RFC1918 addresses.

FTP uses TCP port 21 for it's "command channel" where all the commands,
status prompts and feedback are on.
FTP also uses TCP port 20 (the "data channel"), and random (ports >1024
all the way through the highest port, 65535) ports to transfer the actual
data.
Allowing 21 through only allows the command channel through. You won't be
able to transfer files. Since passive FTP lets the FTP server connect to
the client at random ports, firewalls block that. Whether the blocking is
outgoing or incoming, it's blocked.

To have successful FTP, in the protocol it was written for, the machine
has to be completely exposed on that IP. No firewall action on either
end.


I haven't yet seen the .dll or .exe that serves as the ftp server (for
Active or Passive mode) to allow it through the firewalls.



Good luck.


FTP works very well on ISA server and through only port 21. I'll revert back
to ISA firewall and setup it again.


.

Relevant Pages

  • Re: passiver FTP auf windows server 2003
    ... aber nur bestimte Ports per TCP/IP ... Dies ist dann das Problem beim passiven FTP. ... Ich hoffe Du hast noch sowas wie eine Firewall vor dem Server stehen, ...
    (microsoft.public.de.german.windows.server.setup)
  • FTP [partially] explained (was Re: Cant obtain 4.11 ?)
    ... >> I am not really up on active vs. passive FTP. ... > or to have the server initiate a separate data connection. ... > latter often breaks on firewalls that don't explicitly support ftp. ... the FTP server accepts a PORT ...
    (comp.unix.bsd.freebsd.misc)
  • Re: FTP server behind NAT using Kerio
    ... > I have a Windows 2000 FTP server running behind a Linksys DSL router. ... it is ftp at work. ... > Can I open up a range of outgoing ports for IIS? ...
    (comp.security.firewalls)
  • Re: ServU-deamon trojan warning with McAfee
    ... FTP FTP FTP. ... You did it to yourself by having FTP server on your SBS box without the ... > software didn't pick up this infection altough the DAT file included the ... > document what ports need to be opened and for what reason? ...
    (microsoft.public.backoffice.smallbiz2000)
  • About utility of a firewall with win2000 server
    ... I'm configuring a webserver. ... It will be used exclusively for web services (http and ftp). ... All the ports are opened as soon as an IP adress is affected? ... dans un datacenter. ...
    (microsoft.public.win2000.security)