<2017 November>
SunMonTueWedThuFriSat
2930311234
567891011
12131415161718
19202122232425
262728293012
3456789

On this page...

Search

Links

Member of...


ASP Insiders

MVP Visual Developer ASP/ASP.NET

Enter CodeZone

Blog Categories

Microsoft

Blogroll

Deutsche Resourcen

Management

Sign In
 

#  Thursday, 10 May 2007

Today, I completed the setup for my IIS7 FTP site - enabling SSL for secure transfer. It took me a little while longer than expected, mostly because I was looking for passive mode transfer settings in the wrong place at first. To save others from repeating my mistakes, here is a quick step-by-step how to get up and running:

First, we need to configure passive transfers (PASV). This is configured at the server level

via the (in my opinion) not-so-intuitive "FTP Firewall Support":

This shows the following panel (I have opened the range 2200 to 2205):

This panel is also available at the site level (that's where I got stuck), but it won't be of any use.

Although the FTP server is configured for passive, the Windows firewall isn't (and remember, it is on by default!). You need to create an inbound rule for the passive ports like so:

Now we are ready to enable secure FTP - and this is rather simple. Go to your FTP site, and check that the FTP SSL Settings are configured as follows (you could also force SSL connections to make sure no one unintentionally connects with their pants down):

You are basically all set. Give your setup a try using eg FileZilla. Create a new site in Site Manager, and set the server type to "FTP over SSL (explicit encryption)":

The last step is to make sure you are using passive mode (in FileZilla, this is part of Advanced):

If you didn't miss a step, you now should be able to securely connect to your FTP site.

Categories: IIS
Thursday, 10 May 2007 13:42:29 (W. Europe Daylight Time, UTC+02:00)  #    Comments [0]

 



© Copyright 2017 Christoph Wille

newtelligence dasBlog 2.3.9074.18820
Subscribe to this weblog's RSS feed with SharpReader, Radio Userland, NewsGator or any other aggregator listening on port 5335 by clicking this button.   RSS 2.0|Atom 1.0  Send mail to the author(s)

 
Don't contact us via this (fleischfalle@alphasierrapapa.com) email address.