{"id":51914,"date":"2023-05-27T09:18:40","date_gmt":"2023-05-27T08:18:40","guid":{"rendered":"https:\/\/ekiwi-blog.de\/51914\/iis-windows-ftp-server-setup\/"},"modified":"2023-05-27T10:29:36","modified_gmt":"2023-05-27T09:29:36","slug":"iis-windows-ftp-server-setup","status":"publish","type":"post","link":"https:\/\/ekiwi-blog.de\/en\/51914\/iis-windows-ftp-server-setup\/","title":{"rendered":"IIS Windows FTP Server Setup"},"content":{"rendered":"<p align=\"justify\"><a href=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/upload.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-3468 alignleft\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/upload.png\" alt=\"\" width=\"110\" height=\"110\" \/><\/a>Here we will show how to set up the Windows FTP server <abbr title=\"Internet Information Services\">IIS<\/abbr>. If you want to set up an FTP server with the on-board means of Windows, the Internet Information Services (<strong>IIS<\/strong>), it can quickly become a <em>pain in the ass<\/em> for anyone who does not frequently deal with it. Unfortunately, it is not as intuitive to set up as one might think, and there are many stumbling blocks to the desired success. So it can take hours to several days before you have solved all the problems as an occasional adminstrator.<\/p>\n<p align=\"justify\"><!--more--><\/p>\n\n<div class=\"aawp\">\n\n            \n            \n<div class=\"aawp-product aawp-product--horizontal aawp-product--bestseller aawp-product--ribbon\"  data-aawp-product-asin=\"B09MDGXHMF\" data-aawp-product-id=\"112826\" data-aawp-tracking-id=\"ekiwide0b-21\" data-aawp-product-title=\"HP Stream Laptop | 11,6  HD Display | Intel Celeron N4120 | 4GB DDR4 RAM | 64GB eMMC | Intel Grafik | Windows 11 S-Mode | QWERTZ Tastatur | Wei\u00df | inkl Microsoft Office 365 Single\">\n\n    <span class=\"aawp-product__ribbon aawp-product__ribbon--bestseller\">Bestseller No. 1<\/span>\n    <div class=\"aawp-product__thumb\">\n        <a class=\"aawp-product__image-link\"\n           href=\"https:\/\/www.amazon.de\/dp\/B09MDGXHMF?tag=ekiwide0b-21&linkCode=ogi&th=1&psc=1&keywords=book%20windows10%20experts\" title=\"HP Stream Laptop | 11,6' HD Display | Intel...\" rel=\"nofollow noopener sponsored\" target=\"_blank\">\n            <img decoding=\"async\" class=\"aawp-product__image\" src=\"https:\/\/m.media-amazon.com\/images\/I\/41zhKib1X3L._SL160_.jpg\" alt=\"HP Stream Laptop | 11,6' HD Display | Intel...\"  \/>\n        <\/a>\n\n            <\/div>\n\n    <div class=\"aawp-product__content\">\n        <a class=\"aawp-product__title\" href=\"https:\/\/www.amazon.de\/dp\/B09MDGXHMF?tag=ekiwide0b-21&linkCode=ogi&th=1&psc=1&keywords=book%20windows10%20experts\" title=\"HP Stream Laptop | 11,6' HD Display | Intel...\" rel=\"nofollow noopener sponsored\" target=\"_blank\">\n            HP Stream Laptop | 11,6\" HD Display | Intel...        <\/a>\n        <div class=\"aawp-product__description\">\n            <ul><li>Entdecke deine Welt auf eine ganz neue Art. Genie\u00dfe mit dem HP 11-ak0202ng Notebook Streams, Filme...<\/li><li>Der Intel Celeron N4120 quad Prozessor sorgt f\u00fcr die perfekte Kombination aus Leistung, geringem...<\/li><li>Mit Windows 11 S werden Anwendungen dank schneller Systemstartzeiten, besserer Reaktionsf\u00e4higkeit...<\/li><\/ul>        <\/div>\n    <\/div>\n\n    <div class=\"aawp-product__footer\">\n\n        <div class=\"aawp-product__pricing\">\n            \n                            <span class=\"aawp-product__price aawp-product__price--current\">122,30 EUR<\/span>\n            \n                    <\/div>\n\n                <a class=\"aawp-button aawp-button--buy aawp-button--icon aawp-button--icon-black\" href=\"https:\/\/www.amazon.de\/dp\/B09MDGXHMF?tag=ekiwide0b-21&#038;linkCode=ogi&#038;th=1&#038;psc=1&#038;keywords=book%20windows10%20experts\" title=\"Buy on Amazon\" target=\"_blank\" rel=\"nofollow noopener sponsored\">Buy on Amazon<\/a>\n            <\/div>\n\n<\/div>\n\n    \n<\/div>\n\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_82_2 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of content<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/ekiwi-blog.de\/en\/51914\/iis-windows-ftp-server-setup\/#Enabling_FTP_services\" >Enabling FTP services<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/ekiwi-blog.de\/en\/51914\/iis-windows-ftp-server-setup\/#Create_a_new_FTP_page\" >Create a new FTP page<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/ekiwi-blog.de\/en\/51914\/iis-windows-ftp-server-setup\/#Binding_and_SSL_settings\" >Binding and SSL settings<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/ekiwi-blog.de\/en\/51914\/iis-windows-ftp-server-setup\/#Authentication_and_authorisation_information\" >Authentication and authorisation information<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/ekiwi-blog.de\/en\/51914\/iis-windows-ftp-server-setup\/#Port_Shares_Passive_FTP\" >Port Shares Passive FTP<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/ekiwi-blog.de\/en\/51914\/iis-windows-ftp-server-setup\/#It_works_or_it_doesnt\" >It works or it doesn&#8217;t!?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/ekiwi-blog.de\/en\/51914\/iis-windows-ftp-server-setup\/#Dynamic_port_range_under_Windows\" >Dynamic port range under Windows<\/a><\/li><\/ul><\/nav><\/div>\n<h3><span class=\"ez-toc-section\" id=\"Enabling_FTP_services\"><\/span>Enabling FTP services<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p align=\"justify\">First of all, at least the IIS management console and the FTP service must be activated <a title=\"Stream any sound to Sonos under Windows\" href=\"https:\/\/ekiwi-blog.de\/en\/49535\/stream-any-sound-to-sonos-under-windows\/\">under Windows<\/a> Features.<br \/>\nTo do this, call up Windows Features via <strong>Control Panel -&gt; Programs and Features -&gt; Enable or <a title=\"Windows 11 Home: Disable Windows Defender\" href=\"https:\/\/ekiwi-blog.de\/en\/17586\/windows-11-home-disable-windows-defender\/\">Disable Windows<\/a> Features<\/strong>.<br \/>\nIn the tree, go to <strong><a title=\"Timeout during PPP negotiation\" href=\"https:\/\/ekiwi-blog.de\/en\/26493\/timeout-during-ppp-negotiation\/\">Internet<\/a> Information Services<\/strong> and activate <strong>FTP Service<\/strong> under FTP Server and <strong>IIS Management Service<\/strong> and <strong>IIS Management Console<\/strong> under Web Management Tools.<br \/>\n<a href=\"http:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/windows-features-1.png\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"windows-features\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/windows-features_thumb-1.png\" alt=\"windows-features\" width=\"428\" height=\"380\" border=\"0\" \/><\/a><\/p>\n<p align=\"justify\">Then open the Internet Information Services (IIS) Manager, for example, via <strong>Start -&gt; Windows Administrative Tools<\/strong>.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Create_a_new_FTP_page\"><\/span>Create a new FTP page<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p align=\"justify\">In the IIS manager, create a new FTP site with <strong>Add FTP site<\/strong> by <strong>right-clicking<\/strong> in the left window on <strong>Sites<\/strong>.<img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"Add FTP Site in IIS Manager\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftp-site-hinzufuegen-1.png\" alt=\"Add FTP Site in IIS Manager\" width=\"505\" height=\"332\" border=\"0\" \/><\/p>\n<p align=\"justify\">Now you have to assign a <strong>FTP site name<\/strong>, which can be individual, and define the <strong>physical path<\/strong> under which the documents and files are to be stored. FTP access from outside is then made to this path. In the example image, the default directory for the web server was selected. However, other physical folders are also possible. Later, you can also define virtual directories that refer to paths outside the specified physical path. However, this will not be discussed further here.<br \/>\nThen click on <strong>Next<\/strong>.<br \/>\n<img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"Enter Site Information FTP Site Name and Physical Path\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftp-site-siteinformationen-1.png\" alt=\"Enter Site Information FTP Site Name and Physical Path\" width=\"679\" height=\"522\" border=\"0\" \/><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Binding_and_SSL_settings\"><\/span>Binding and SSL settings<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p align=\"justify\">In the binding and SSL settings, you can make settings for encryption, as well as assign specific hostnames or IP addresses to the FTP service<\/p>\n<p align=\"justify\">The assignment of an <strong>IP address<\/strong> remains empty in our case. If you manage several FTP server sites, each one must be bound to its own IP address. If necessary, you can change the <strong>port<\/strong> if the FTP standard port is already occupied and used elsewhere. By default, this is set to port 21.<strong>Virtual host names<\/strong> can be used when working with domain names in the internal network.<br \/>\nWe are not interested in virtual host names at this point either. This is interesting in larger networks where, for example, you work with domain names (domain controllers) or if you want to bind several FTP servers to one IP address.<br \/>\nIn any case, you should activate <strong>SSL allowed<\/strong> or better <strong>SSL required<\/strong> so that the FTP connection is encrypted in the future. You also have to select an SSL certificate. In our case, we select an existing certificate. The IIS manager also offers the possibility to create your own certificate (self-signed). Of course, this is not accepted by all clients and there are corresponding warning messages. To avoid this, you need a public certificate from a corresponding certification authority (CA).<br \/>\n<img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"FTP Binding and SSL Settings\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftp-bindungs-ssl-einstellungen-1.png\" alt=\"FTP Binding and SSL Settings\" width=\"674\" height=\"517\" border=\"0\" \/><\/p>\n<h3><span class=\"ez-toc-section\" id=\"Authentication_and_authorisation_information\"><\/span>Authentication and authorisation information<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p align=\"justify\">The next step is the authentication and authorisation information. Here we leave the default settings for the time being. This will be adjusted again later.<br \/>\n<strong><u>For information:<\/u><\/strong> If you leave <strong>Anonymous<\/strong> activated, you can log in with the user name Anonymous and the e-mail address as password.<br \/>\nStandard requires login to the FTP server with user name and password. Dedicated user groups (also of an ActiveDirectory) or user accounts can then be defined that are allowed access.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"FTP Authentication and Authorisation Information\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftp-authentifizierungs-autorisierungsinformationen-1.png\" alt=\"FTP Authentication and Authorisation Information\" width=\"681\" height=\"518\" border=\"0\" \/><\/p>\n<p><strong>Set up FTP user for access from outside<\/strong>.<\/p>\n<p align=\"justify\">For external access, there must be a separate user\/user who is known to the Windows system and who has the appropriate authorisations.<br \/>\nA separate user must be set up under Windows. We do this via the console with<\/p>\n<p><code><code>net user ftpuser2 * \/add<\/code><\/code><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"Console Net-User-Add\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/net-user-add-1.png\" alt=\"Console Net-User-Add\" width=\"515\" height=\"72\" border=\"0\" \/><\/p>\n<p align=\"justify\">You can thus also create several different accounts, for example to assign each authorised person their own account.<br \/>\nNow the new FTP account must be assigned the appropriate permissions to the folder of the FTP site. This can be done via the console with<\/p>\n<p align=\"justify\"><code>ICACLS c:\\inetpub\\wwwroot \/grant ftpuser:(OI)(CI)(M) <\/code><code> <\/code><\/p>\n<p align=\"justify\">Or you can <strong>right-click<\/strong> in the IIS manager on the <strong>FTP site<\/strong> and select <strong>Edit permissions -&gt; security<\/strong>. Alternatively, <em>Windows Explorer<\/em> <strong>right-click<\/strong> on the <strong>FTP folder -&gt; Properties &gt; Security<\/strong>.<\/p>\n<p align=\"justify\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-11895\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftpuser-berechtigungen.png\" alt=\"\" width=\"358\" height=\"476\" srcset=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftpuser-berechtigungen.png 358w, https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftpuser-berechtigungen-226x300.png 226w\" sizes=\"auto, (max-width: 358px) 100vw, 358px\" \/><\/p>\n<p align=\"justify\">Now we select our <strong>FTP site<\/strong> again in the IIS manager and go to <strong>FTP authentication<\/strong> and deactivate anonymous authentication there.<\/p>\n<p align=\"justify\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"Disable FTP Authentication Anonymous Authentication\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftp-authentifizierung.png\" alt=\"Disable FTP Authentication Anonymous Authentication\" width=\"640\" height=\"131\" border=\"0\" \/><\/p>\n<p align=\"justify\">Then go to <strong>FTP Authorisation -&gt; Add permission rule<\/strong> and add the FTP user set up with <em>Read<\/em> and <em>Write<\/em> permissions.<\/p>\n<p align=\"justify\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"Add Authorisation Permission Rule\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/authorisierungszulassungsregel-hinzufuegen.png\" alt=\"Add Authorisation Permission Rule\" width=\"479\" height=\"430\" border=\"0\" \/><\/p>\n<p align=\"justify\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"FTP Authorisation FTPUser Allow Read and Write\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftp-authorisierung.png\" alt=\"FTP Authorisation FTPUser Allow Read and Write\" width=\"640\" height=\"123\" border=\"0\" \/><\/p>\n<p align=\"justify\">Now you would think that access from an FTP client should theoretically already work from your own network. However, in most cases this will not work because the Windows firewall on the computer on which the FTP server is running must either be deactivated for test purposes or configured accordingly to the specified port.<\/p>\n<p align=\"justify\">To do this, call up the Windows firewall via the <strong>Start menu<\/strong> or use <strong>Control Panel-&gt;System and Security-&gt;Windows Firewall<\/strong>. Go to <strong>Advanced Settings -&gt; Incoming Rules -&gt; New Rule &#8230; -&gt; Port<\/strong> and there release the required ports. As we will see in a moment, a <u>dynamic port range<\/u> must also be released here at the end.<\/p>\n<p align=\"justify\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"Windows Firewall Ports Release\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/windows-firewall-portfreigaben.png\" alt=\"Windows Firewall Ports Release\" width=\"640\" height=\"384\" border=\"0\" \/><\/p>\n<p align=\"justify\">At the latest, access with our created user account from the local network from an FTP client should work.<br \/>\nWhat will <a title=\"Windows: AltGr does not work\" href=\"https:\/\/ekiwi-blog.de\/en\/25266\/windows-altgr-does-not-work\/\">not work<\/a> is access from outside the local network, e.g. from the Internet. For this, the corresponding port releases must also be configured on the hardware firewall or router. How these settings are to be made depends on the respective device. With the <em>FRITZ!Box<\/em>, this can be done under <strong>Internet -&gt; Shares -&gt; Port Shares<\/strong>.<\/p>\n\n<div class=\"aawp\">\n\n            \n            \n<div class=\"aawp-product aawp-product--horizontal aawp-product--bestseller aawp-product--ribbon\"  data-aawp-product-asin=\"B0BPHN39SL\" data-aawp-product-id=\"112037\" data-aawp-tracking-id=\"ekiwide0b-21\" data-aawp-product-title=\"QNAP TS-464-8G NAS\">\n\n    <span class=\"aawp-product__ribbon aawp-product__ribbon--bestseller\">Bestseller No. 1<\/span>\n    <div class=\"aawp-product__thumb\">\n        <a class=\"aawp-product__image-link\"\n           href=\"https:\/\/www.amazon.de\/dp\/B0BPHN39SL?tag=ekiwide0b-21&linkCode=ogi&th=1&psc=1&keywords=qnap%20nas\" title=\"QNAP TS-464-8G NAS\" rel=\"nofollow noopener sponsored\" target=\"_blank\">\n            <img decoding=\"async\" class=\"aawp-product__image\" src=\"https:\/\/m.media-amazon.com\/images\/I\/217n2n5b5RL._SL160_.jpg\" alt=\"QNAP TS-464-8G NAS\"  \/>\n        <\/a>\n\n            <\/div>\n\n    <div class=\"aawp-product__content\">\n        <a class=\"aawp-product__title\" href=\"https:\/\/www.amazon.de\/dp\/B0BPHN39SL?tag=ekiwide0b-21&linkCode=ogi&th=1&psc=1&keywords=qnap%20nas\" title=\"QNAP TS-464-8G NAS\" rel=\"nofollow noopener sponsored\" target=\"_blank\">\n            QNAP TS-464-8G NAS        <\/a>\n        <div class=\"aawp-product__description\">\n            <ul><li>Hochwertige Material<\/li><li>Langlebig<\/li><li>Robustheit<\/li><\/ul>        <\/div>\n    <\/div>\n\n    <div class=\"aawp-product__footer\">\n\n        <div class=\"aawp-product__pricing\">\n            \n                            <span class=\"aawp-product__price aawp-product__price--current\"><\/span>\n            \n                    <\/div>\n\n                <a class=\"aawp-button aawp-button--buy aawp-button--icon aawp-button--icon-black\" href=\"https:\/\/www.amazon.de\/dp\/B0BPHN39SL?tag=ekiwide0b-21&#038;linkCode=ogi&#038;th=1&#038;psc=1&#038;keywords=qnap%20nas\" title=\"Buy on Amazon\" target=\"_blank\" rel=\"nofollow noopener sponsored\">Buy on Amazon<\/a>\n            <\/div>\n\n<\/div>\n\n    \n<\/div>\n\n<h3><span class=\"ez-toc-section\" id=\"Port_Shares_Passive_FTP\"><\/span>Port Shares Passive FTP<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p align=\"justify\">In most cases, one will configure <em>Passive FTP access<\/em> because Active FTP access can cause problems client-side, as with Active FTP the connection to the data port is initiated by the server, which is often blocked by client-side firewalls.<br \/>\nIf you want to configure passive FTP, you must know that a dynamic port range is required for this <strong>(&gt;port 1024<\/strong>). Here the client establishes the two port connections for the control connection and for the data connection. The client tells the server with the <em>PASSV<\/em> command that it is listening to port <em>XXXXX<\/em>. For this, however, the corresponding port range must be enabled on the server side.<br \/>\nIn the IIS Manager, select the <strong>top node <\/strong> in the left tree structure and then select <strong>FTP Firewall Support<\/strong>. Now enter a port range (&gt;1024) under <strong>Data channel port range<\/strong>. The port range defined here must now also be released in the Windows firewall and in the router or hardware firewall. (The top node must be selected because the port releases apply to all FTP sites if, for example, you have several)<\/p>\n<p align=\"justify\"><u><strong>Note:<\/strong><\/u> Before doing this, you should check which port range shares your router or hardware firewall allows. With the current <em>FRITZ!Box<\/em> version, only one port range of 255 ports can be shared at a time.<\/p>\n<p align=\"justify\"><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"FTP Firewall Support Set Data Channel Port Range\" src=\"http:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/ftp-firewallunterst%C3%BCtzung-datenkanal-portbereich.png\" alt=\"FTP Firewall Support Set Data Channel Port Range\" width=\"640\" height=\"364\" border=\"0\" \/><\/p>\n<h3><span class=\"ez-toc-section\" id=\"It_works_or_it_doesnt\"><\/span>It works or it doesn&#8217;t!?<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p align=\"justify\">Now the moment has come when FTP access from outside via the Internet should also work. <em>And the hairs on the back of your neck stand up with a flushed head and 180 pulse when it still doesn&#8217;t work after this odyssey!<\/em> Such was the case with me, so the search for the cause went on, but I lacked the approaches for further sources of error Aarrrrgh!<\/p>\n<p align=\"justify\">I now watched the messages and commands of my FTP client, in my case Total Commander. At some point, I noticed the following message:<\/p>\n<p align=\"centre\"><strong>227 Entering Passive Mode (188,103,164,96,228,201)<\/strong><\/p>\n<p align=\"centre\"><strong>Generalised: 227 Entering Passive Mode (A,B,C,D,m,n)<\/strong><\/p>\n<p align=\"justify\">In the bracket expression, I was able to identify the first four blocks of digits as the IP address (188.103.164.96) I got from the <abbr title=\"Internet Service Provider\">ISP<\/abbr>. Now the assumption was that the remaining two blocks of digits had something to do with the port. However, this is an unusual notation. If anyone knows in which standard or guideline this notation is specified, please comment here! In any case, the port number can be calculated using <strong><span style=\"font-size: large;\">m<\/span><\/strong> and <strong><span style=\"font-size: large;\">n<\/span><\/strong>; it is more or less a straight-line equation:<\/p>\n<p align=\"centre\"><strong>Port=256*m+n<\/strong><\/p>\n<p>Via this calculation, I was able to determine that the port addressed 58.569=256*228+201 was far outside the released port range. How could this be? Perplexity again.<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Dynamic_port_range_under_Windows\"><\/span>Dynamic port range under Windows<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Under Windows, default values are defined for the <a title=\"Default values for dynamic port range under Windows\" href=\"https:\/\/support.microsoft.com\/de-de\/help\/929851\/the-default-dynamic-port-range-for-tcp-ip-has-changed-in-windows-vista\" target=\"_blank\" rel=\"noopener noreferrer\">Dynamic port range<\/a>. In the console you can view this port range with<\/p>\n<p align=\"centre\"><strong><code>netsh int ipv4 show dynamicport tcp<\/code><\/strong><\/p>\n<p>to have it displayed.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"background-image: none; float: none; padding-top: 0px; padding-left: 0px; margin-left: auto; display: block; padding-right: 0px; margin-right: auto; border-width: 0px;\" title=\"Console netsh int ipv4 show dynamicport tcp\" src=\"https:\/\/ekiwi-blog.de\/wp-content\/uploads\/2017\/04\/netsh_iplisten.png\" alt=\"Console netsh int ipv4 show dynamicport tcp\" width=\"315\" height=\"97\" border=\"0\" \/><\/p>\n<p>The result here shows a port range of <em>49152-65536<\/em>. The mentioned port <em>58,569<\/em> is also within this range. It is difficult to judge whether this is a bug. However, if the dynamic port range is set to the port range defined in the IIS FTP server, access via the Internet from outside also works. The new port range can also be set via the console with :<\/p>\n<p align=\"centre\"><strong><code>netsh int ipv4 set dynamicport tcp start=56792 num=255<\/code><\/strong><\/p>\n<p>After you have completed all these steps, nothing should stand in the way of successful FTP access. On the one hand, this shows the power of the Windows FTP server, which probably leaves nothing to be desired for most admins, and on the other hand, the many additional settings of the Windows system, for which one does not even know whether it is a bug or a feature.<\/p>\n\n<div class=\"aawp\">\n\n            \n            \n<div class=\"aawp-product aawp-product--horizontal aawp-product--ribbon aawp-product--sale aawp-product--bestseller\"  data-aawp-product-asin=\"B0DS93SRHF\" data-aawp-product-id=\"113583\" data-aawp-tracking-id=\"ekiwide0b-21\" data-aawp-product-title=\"Windows 11 Pro - 1 Ger\u00e4t - KEINE CD\">\n\n    <span class=\"aawp-product__ribbon aawp-product__ribbon--sale\">Sale<\/span><span class=\"aawp-product__ribbon aawp-product__ribbon--bestseller\">Bestseller No. 1<\/span>\n    <div class=\"aawp-product__thumb\">\n        <a class=\"aawp-product__image-link\"\n           href=\"https:\/\/www.amazon.de\/dp\/B0DS93SRHF?tag=ekiwide0b-21&linkCode=ogi&th=1&psc=1&keywords=windows10\" title=\"Windows 11 Pro - 1 Ger\u00e4t - KEINE CD\" rel=\"nofollow noopener sponsored\" target=\"_blank\">\n            <img decoding=\"async\" class=\"aawp-product__image\" src=\"https:\/\/m.media-amazon.com\/images\/I\/41-q7GFaDfL._SL160_.jpg\" alt=\"Windows 11 Pro - 1 Ger\u00e4t - KEINE CD\"  \/>\n        <\/a>\n\n            <\/div>\n\n    <div class=\"aawp-product__content\">\n        <a class=\"aawp-product__title\" href=\"https:\/\/www.amazon.de\/dp\/B0DS93SRHF?tag=ekiwide0b-21&linkCode=ogi&th=1&psc=1&keywords=windows10\" title=\"Windows 11 Pro - 1 Ger\u00e4t - KEINE CD\" rel=\"nofollow noopener sponsored\" target=\"_blank\">\n            Windows 11 Pro - 1 Ger\u00e4t - KEINE CD        <\/a>\n        <div class=\"aawp-product__description\">\n            <ul><li>KEINE CD \/ KEIN PAKET<\/li><li>AKTIVIERUNGSINFORMATIONEN AUF IHRER RECHNUNG<\/li><li>Bei vorinstalliertem Windows HOME muss vor der Aktivierung ein Upgrade gem\u00e4\u00df Anleitung erfolgen...<\/li><\/ul>        <\/div>\n    <\/div>\n\n    <div class=\"aawp-product__footer\">\n\n        <div class=\"aawp-product__pricing\">\n                                                        \n                            <span class=\"aawp-product__price aawp-product__price--current\">28,90 EUR<\/span>\n            \n                    <\/div>\n\n                <a class=\"aawp-button aawp-button--buy aawp-button--icon aawp-button--icon-black\" href=\"https:\/\/www.amazon.de\/dp\/B0DS93SRHF?tag=ekiwide0b-21&#038;linkCode=ogi&#038;th=1&#038;psc=1&#038;keywords=windows10\" title=\"Buy on Amazon\" target=\"_blank\" rel=\"nofollow noopener sponsored\">Buy on Amazon<\/a>\n            <\/div>\n\n<\/div>\n\n            \n            \n<div class=\"aawp-product aawp-product--horizontal aawp-product--bestseller aawp-product--ribbon\"  data-aawp-product-asin=\"B010S3VOEO\" data-aawp-product-id=\"113658\" data-aawp-tracking-id=\"ekiwide0b-21\" data-aawp-product-title=\"Microsoft Windows 10 Pro 64bit\">\n\n    <span class=\"aawp-product__ribbon aawp-product__ribbon--bestseller\">Bestseller No. 2<\/span>\n    <div class=\"aawp-product__thumb\">\n        <a class=\"aawp-product__image-link\"\n           href=\"https:\/\/www.amazon.de\/dp\/B010S3VOEO?tag=ekiwide0b-21&linkCode=ogi&th=1&psc=1&keywords=windows10\" title=\"Microsoft Windows 10 Pro 64bit\" rel=\"nofollow noopener sponsored\" target=\"_blank\">\n            <img decoding=\"async\" class=\"aawp-product__image\" src=\"https:\/\/m.media-amazon.com\/images\/I\/31VSfofaAPL._SL160_.jpg\" alt=\"Microsoft Windows 10 Pro 64bit\"  \/>\n        <\/a>\n\n            <\/div>\n\n    <div class=\"aawp-product__content\">\n        <a class=\"aawp-product__title\" href=\"https:\/\/www.amazon.de\/dp\/B010S3VOEO?tag=ekiwide0b-21&linkCode=ogi&th=1&psc=1&keywords=windows10\" title=\"Microsoft Windows 10 Pro 64bit\" rel=\"nofollow noopener sponsored\" target=\"_blank\">\n            Microsoft Windows 10 Pro 64bit        <\/a>\n        <div class=\"aawp-product__description\">\n            <ul><li>Auf jedem Windows 10 f\u00e4higen PC und Laptop installierbar<\/li><li>Online aktivierbar<\/li><li>Nur f\u00fcr Neuinstallation nutzbar<\/li><\/ul>        <\/div>\n    <\/div>\n\n    <div class=\"aawp-product__footer\">\n\n        <div class=\"aawp-product__pricing\">\n            \n                            <span class=\"aawp-product__price aawp-product__price--current\">129,00 EUR<\/span>\n            \n                    <\/div>\n\n                <a class=\"aawp-button aawp-button--buy aawp-button--icon aawp-button--icon-black\" href=\"https:\/\/www.amazon.de\/dp\/B010S3VOEO?tag=ekiwide0b-21&#038;linkCode=ogi&#038;th=1&#038;psc=1&#038;keywords=windows10\" title=\"Buy on Amazon\" target=\"_blank\" rel=\"nofollow noopener sponsored\">Buy on Amazon<\/a>\n            <\/div>\n\n<\/div>\n\n    \n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Here we will show how to set up the Windows FTP server IIS. If you want to set up an<\/p>\n","protected":false},"author":2,"featured_media":14675,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1552],"tags":[3079,3081,3083,1871,2831,3069,3071,3082,3084,3085,3075,3077,3073,3086,2068],"class_list":["post-51914","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-internet-en","tag-data-channel-en","tag-dynamic-port-range-en","tag-dynamicport-en","tag-firewall-en","tag-ftp-en","tag-iis-en","tag-internet-information-services-en","tag-netsh-en","tag-passive-en","tag-permissions-en","tag-port-en","tag-port-range-en","tag-ssl-en","tag-user-en","tag-windows-en-2"],"_links":{"self":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts\/51914","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/comments?post=51914"}],"version-history":[{"count":0,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/posts\/51914\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/media\/14675"}],"wp:attachment":[{"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/media?parent=51914"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/categories?post=51914"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ekiwi-blog.de\/en\/wp-json\/wp\/v2\/tags?post=51914"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}