Windows 2000 ftp through windows 2003 firewall

Jim

I have a win 2003 SP2 server with IIS, FTP installed. I have unchecked the
"Anonymous" authentication for FTP so users will be required to enter their
id/pwd.

This works fine without the firewall running. But as soon as I turn the
firewall on, the user will be prompted for their id/pwd and after a few
seconds, it errors with:

425: Can't open data connection

I have allowed exceptions on the firewall for ports 20 and 21.

What other port(s) do I need to open?

Thanks.
 
In article <emjOdT8oIHA.3428@TK2MSFTNGP02.phx.gbl>, Mon, 21 Apr 2008
08:32:07 -0700 Jim says...
> I have a win 2003 SP2 server with IIS, FTP installed. I have unchecked the
> "Anonymous" authentication for FTP so users will be required to enter their
> id/pwd.
>
> This works fine without the firewall running. But as soon as I turn the
> firewall on, the user will be prompted for their id/pwd and after a few
> seconds, it errors with:
>
> 425: Can't open data connection
>
> I have allowed exceptions on the firewall for ports 20 and 21.
>
> What other port(s) do I need to open?
>
> Thanks.
>

In both active and passive ftp modes you need incoming TCP port 21.

If clients are expected to enter active mode,
you need to allow, at the server side, outgoing TCP connections from any (or
reserved range) port to remote port 20 (ftp data).

Active mode is available only for those clients
with a public IP or at least a forwarded port 20.

In case of passive mode (client is firewalled or behind a NAT router)
you need to allow incoming TCP connections
from any remote port to any local port
(or better, a reserved range - most ftp server sw allows it).
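The passive-mode case described in the reply above, as an added example that is not part of the original thread: it parses the data port a server announces in its `227` reply and checks it against the firewall's inbound exceptions. The sample replies, the address 192.0.2.10 and the 5500-5525 reserved range are constructed assumptions; the 20/21 exception list is the one from the question.

```python
import re

# Inbound TCP exceptions from the original post: only 20 and 21 are open.
POSTED_EXCEPTIONS = {20, 21}

PASV_RE = re.compile(
    r"^227[ -].*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

def parse_pasv(reply):
    """Return (ip, port) announced in a '227 Entering Passive Mode' reply."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in %r" % reply)
    ip = ".".join(str(n) for n in nums[:4])
    port = nums[4] * 256 + nums[5]  # high byte, then low byte
    return ip, port

def inbound_allowed(port, single_ports, port_range=None):
    """True if the firewall admits an inbound TCP connection to `port`."""
    if port in single_ports:
        return True
    return port_range is not None and port_range[0] <= port <= port_range[1]

def audit(replies, single_ports, port_range=None):
    """Map each announced data port to whether the client's connect gets in."""
    result = {}
    for reply in replies:
        _, port = parse_pasv(reply)
        result[port] = inbound_allowed(port, single_ports, port_range)
    return result

# Constructed sample replies (192.0.2.10 is a documentation address).
SAMPLE_REPLIES = [
    "227 Entering Passive Mode (192,0,2,10,21,130)",  # 21*256+130 = 5506
    "227 Entering Passive Mode (192,0,2,10,195,80)",  # 195*256+80 = 50000
]
# Hypothetical reserved range for passive data ports.
RESERVED_RANGE = (5500, 5525)

if __name__ == "__main__":
    print(audit(SAMPLE_REPLIES, POSTED_EXCEPTIONS))
    print(audit(SAMPLE_REPLIES, POSTED_EXCEPTIONS, RESERVED_RANGE))
```

The second call shows that opening a reserved range only helps when the server is also configured to announce ports inside it: port 50000 stays blocked.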
 
Might get a bit more use out of the right forum, this is windows 2000 ... try
reposting in the windows 2003 section.

--
Mr Ben


"Jim" wrote:

> I have a win 2003 SP2 server with IIS, FTP installed. I have unchecked the
> "Anonymous" authentication for FTP so users will be required to enter their
> id/pwd.
>
> This works fine without the firewall running. But as soon as I turn the
> firewall on, the user will be prompted for their id/pwd and after a few
> seconds, it errors with:
>
> 425: Can't open data connection
>
> I have allowed exceptions on the firewall for ports 20 and 21.
>
> What other port(s) do I need to open?
>
> Thanks.
>
>
>
 