Monday, April 14, 2008

Microsoft IIS FTP Server Does Not Work with Passive FTP


Typical User Complaints:
  • I can log into an FTP site, but I cannot list the directory. It hangs.
  • My FTP hangs
  • FTP works from the office but FTP does not work from my home
  • Typical of a Microsoft Windows product, FTP does not work (not entirely true)
  • Microsoft Windows Server 2003 does not support Passive FTP (not true)

You have set up an IIS server on the Internet on Microsoft Windows 2003 R2 server. Everything appears to be going normally. You can FTP to "yourself" from within the same server, so you know FTP is working. Now you find out that people cannot see the directory when they connect to the FTP server. They can log in and connect but connection breaks as soon as the user tries to get a directory listing or try to send a file.

The Cause:

Your IIS Server, by default, does not support Passive FTP, and whoever trying to access your FTP server is opening the FTP server behind their own firewall and Network Address Translation (NAT). That's 99% of the case from Cable Modem and DSL users.

The Fix:

You will need to do two things.

Using wscript, you need to configure the IIS Metabase so that IIS allows the use of ports for Passive FTP, then restart the IIS.

Using anther batch script, you will need to add EACH port number in the Windows firewall exceptions list.

This site seems to give you the complete information on the whole issue and how to fix it step by step.

No comments: