How to configure Windows Firewall for FTP Server

At this moment, I am using one Windows Server 2008 running on an VPS (Virtual Private Server). Like before, I always want to setup system by myself to make sure to know what is on my system. The first time, I was thinking to use Linux server, but I changed my mind at last to choose Windows since uTorrent runs very well and is supported and recommended on almost well-known Private Torrent Trackers such as hd-torrents, bit-hdtv, bitme, bitspyder, … I can use XAMPP since I am very familiar with, but I just wanted to face with Windows stuff 🙂

I will briefly introduce some steps that you need to go though.

1. Need to install IIS7 and setup Web Server (if you want to share data through HTTP protocol) and FTP Server 7.5 based on these tutorials from IIS

2. The above steps are not difficult, they can be done around 30mins or 1h included waiting time. But the most difficult task is finding the way to configure Windows firewall for FTP Server even read this steps many times.

FTP Server has data channel and control channel (usually 21), so we need to forward all needed ports though Windows firewall. Below is setting for FTP Data channel Port Range:

If in Windows Firewall configuration, you just allow port 21, you can use command to list data, but you can’t read data since there is only one port for that. When I used FireZilla I got this message:

Error: Could not read from socket: ECONNRESET – Connection reset by peer
Error: Disconnected from server
Error: Failed to retrieve directory listing

So one important step here is let Windows Firewall understand and allow the FTP assigned ports by run those commands under Command Prompt as Administrator: (base on this help)

netsh advfirewall firewall add rule name=”FTP Service” action=allow service=ftpsvc protocol=TCP dir=in

And disable stateful FTP filtering so that the firewall does not block any FTP traffic:

netsh advfirewall set global StatefulFTP disable

So now I can enjoy download files from my server 🙂

{ 0 comments… add one }

Leave a Comment