0

Okay so Google is letting me down just due to the sheer volume of stuff related but not specific to my problem that I could find.

I have a C# program that connects to various FTP sites and downloads the info, then dumps it into a database for me. On Server 2003 R2 I have no issues with this program running. Due to the situation, I am having to locate this code to Windows Server 2008 R2. It works fine as far as running, but it had issues connecting to the FTP sites. I opened port range 20-21 as a custom incoming and outgoing rule in Windows Firewall. Now some of the sites connect, but it seems some are still timing out. Whereas if I open all ports everything seems to work fine, but that's a security risk I am not willing to live with.

Should opening that range of 20-21 be sufficient to allow the FTP connections, or is there something else I am missing?

Benjamin

2 Answers

1

The problem with FTP is that it uses a secondary channel for data. And in general the port number for the data connection is provided by the server dynamically during the session, so you don't know what port your client should connect to for the data channel. So your firewall needs to allow connections to any port for your application.

  • Wouldn't there be an event in the Windows Firewall logs saying that the operation was bouncing off of the unopened ports? –  Aug 16 '11 at 17:40
  • my bad, any way to move it to such a location –  Aug 16 '11 at 21:17
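
The dynamic data port described in the answer above is visible in the server's passive-mode replies on the control channel (RFC 959 `227`, RFC 2428 `229`). The following is an added example, not code from the original posts: it parses those replies and checks the resulting data port against the 20-21 rule from the question. The sample replies and the host name `ftp.example.test` are constructed for illustration.

```python
import re

# Outbound port range the question's firewall rule allows (20-21).
ALLOWED_OUTBOUND = range(20, 22)

# 227 reply: (h1,h2,h3,h4,p1,p2); 229 reply: (<d><d><d>port<d>), usually "|".
_PASV = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")
_EPSV = re.compile(r"\((.)\1\1(\d{1,5})\1\)")


def data_endpoint(reply, control_host):
    """Return (host, port) the client must connect to for the data channel."""
    code = reply[:3]
    if code == "227":
        m = _PASV.search(reply)
        if not m:
            raise ValueError("malformed 227 reply: %r" % reply)
        nums = [int(g) for g in m.groups()]
        if any(n > 255 for n in nums):
            raise ValueError("octet out of range in 227 reply: %r" % reply)
        host = ".".join(str(n) for n in nums[:4])
        port = nums[4] * 256 + nums[5]  # port is sent as two bytes, high first
    elif code == "229":
        m = _EPSV.search(reply)
        if not m:
            raise ValueError("malformed 229 reply: %r" % reply)
        host = control_host  # EPSV reuses the control connection's address
        port = int(m.group(2))
    else:
        raise ValueError("not a passive-mode reply: %r" % reply)
    if not 0 < port < 65536:
        raise ValueError("invalid data port %d" % port)
    return host, port


def blocked_by_rule(reply, control_host, allowed=ALLOWED_OUTBOUND):
    """True if the data connection would fall outside the allowed port range."""
    _, port = data_endpoint(reply, control_host)
    return port not in allowed


if __name__ == "__main__":
    # Constructed sample replies (not captured from a real server).
    samples = [
        "227 Entering Passive Mode (192,0,2,10,195,80)",
        "229 Entering Extended Passive Mode (|||50021|)",
    ]
    for line in samples:
        host, port = data_endpoint(line, "ftp.example.test")
        print(host, port, "BLOCKED" if blocked_by_rule(line, host) else "allowed")
```
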
0

Basically the solution taken was to white-list the program in the and then not worry about which ports needed opened. Still not sure the security issues associated with that it seems to have it working for the time being.

Benjamin