Server - FTP

Difference Between Active and Passive FTP ?

Active Mode

The client issues a PORT command to the server signaling that it will actively provide an IP and port number to open the Data Connection back to the client.


Passive Mode

The client issues a PASV command to indicate that it will wait passively for the server to supply an IP and port number, after which the client will create a Data Connection to the server.

View Details

How to Setup an FTP Server in Windows ?

How to install the FTP server components

  1. Open Turn Windows features on or off.
  2. Expand the Internet Information Services feature and expand the FTP server option.
  3. Check the FTP Extensibility and FTP Service options.
  4. Expand the Web Management Tools option and check the IIS Management Console option.
  5. Click OK then Close.


How to configure an FTP server site

  1. Open Internet Information Services (IIS) Manager.
  2. On the Connections pane, right-click Sites and select the Add FTP Site option.
  3. In the FTP site name, type a short descriptive name for the server.
  4. In the Content Directory section, under Physical path, click the ... to locate the folder you want to use to store your FTP files.
  5. Click Next.
  6. If your server is using static ip address, type the server ip, otherwise use the default Binding settings selections.
  7. Check the Start FTP site automatically option and check the No SSL option In the SSL section.
  8. Click Next.
  9. In the Authentication section, check the Basic option.
  10. In the Authorization section, use the drop-down menu, and select All Users.
  11. Check the Read and Write options.
  12. Click Finish.


Quick Tip : It's recommended to create a folder in the root of the main system drive, or on an entirely different hard drive. Otherwise, if you set the home folder in one of your default folders when adding multiple accounts, users won't have permission to access the folder. (You can adjust folder permissions, but it's not recommended.)


Configuring firewall rules

  1. Open Allow an app through Windows Firewall.
  2. Click Change settings.
  3. Check the FTP Server option, as well as the options to allow Private and Public access.


Allowing external connections

  1. Open your default web browser.
  2. On the address bar enter the router's IP address (for example: 192.168.1.1) and press Enter.
  3. Sign-in with your router credentials.
  4. Open the Port Forwarding page. (Usually, these settings can be found under the WAN, NAT, or Advanced settings pages.)
  5. Add a new rule to forward incoming connections to the FTP server from the internet by including this information below.
  6. Click Add.
  7. Click Apply.


Service name : Type a descriptive name for the port forwarding rule
Port range : 21
Local IP : This is the FTP server IP address that the router will forward incoming connections
Local port : 21
Protocol : TCP


Setting up a static IP address

  1. Open View network connections.
  2. Right-click the network adapter, and select the Properties option.
  3. Select the Internet Protocol Version 4 (TCP/IPv4) option.
  4. Click the Properties button.
  5. Select the Use the following IP address option.
  6. Specify the IP settings.
  7. Click OK then Close.


How to set up multiple FTP accounts

  1. Run dialog : netplwiz.
  2. Click Add to add the user you want to allow access to the FTP server.
  3. Click OK.


Configuring user accounts to FTP server

  1. Open Internet Information Services (IIS) Manager.
  2. On the left pane, expand Site sand select the site you created earlier.
  3. Double-click the FTP Authorization Rules option.
  4. On the right pane, click the Add Allow Rule option.
  5. Select one of these two options below.
  6. Check the Read and Write options.
  7. Click OK.


All Users : Allows every user configured on your Windows 10 device to access the FTP server
Specified users : You can use this option to specify all the users you want to access the FTP server. (You must separate each user using a comma.)


How to connect to an FTP server remotely

Viewing and downloading files

  1. Open a web browser.
  2. In the address bar, type the server IP address using ftp:// and press Enter. (For example, ftp://192.168.1.100)
  3. Type your account credentials.
  4. Click the Log on button.


Viewing, downloading, and uploading files

  1. Open File Explorer.
  2. In the address bar, type the server IP address using ftp:// and press Enter.
  3. Type your account credentials.
  4. Check the Save password option.
  5. Click the Log on button.
View Details

How to Specific Port Range for IIS FTP in passive mode ?

Configuration

  1. Open Internet Information Services (IIS) Manager.
  2. Double-click FTP Firewall Support.
  3. Enter the range of port number in the Data Channel Port Range field.
  4. Click Apply.
  5. Run dialog : services.msc.
  6. Find the Microsoft FTP Service.
  7. Right-click the service and click restart.


Note : It is not recommended using single port because it will limit the number of Client IP – Client Port – Server Port combinations. The FTP sessions are uniquely identified thanks to this combination. Using a single server port will result in having the same combination which may result in the concurrent FTP requests to be rejected. If the Data Channel Port Range field is grayed out, make sure that you are changing the server-level settings.


Confirmation

  1. Connect to your FTP host via an FTP client to confirm that the FTP service uses only the assigned port. Then check the IIS logs in this folder : C:\inetpub\logs\LogFiles\FTPSVC2.


Note : For the unsecured FTP service, IIS doesn’t use the port you assigned. Instead, it uses a random port number in the range from 1025 through 65535. IIS uses the port you specified in Data Channel Port Range field only via secure FTP service.
View Details