0

I'm trying to get Microsoft Server 2016's IIS 10 to run FTPS. I have it working internally (need to change the External IP Address of Firewall to match internal IP (for LAN) and external IP (for WAN), but it works.)

When I try to connect using FileZilla from outside the LAN, I receive a "Failed to retrieve directory listing" I have ports 989/990 TCP, and 5000-5005 forwarding to the server using my Verizon FiOS NAT router.

I also have Windows Firewall set to accept in/out bound 5000-5005 (wasn't sure if it was needed), and to allow 989/990 in. I'm also attempting to use my MacBook Pro from outside my LAN. Using Finder, it prompts me for credentials (which wouldn't happen if it was completely rejected.) It tries to enter passive mode (11,22,33,44,237,36) which I think means on port 60708?

Any ideas?

Josh B
  • 1
  • 1
  • 2
  • 4

1 Answers1

0

5000-5005Yes this is because along with the configuration of the port you would need also a series of ports called "Passive Mode" in ftps. So what you need to do is just to open the port 21 (for regular ftp) and 22 for ftps.

Enable the Passive mode in for ports in any range (I usually do 50100-50120) (the range will depend on the numbers of user that youll ftps will manage.

so in the filezilla server console search for the "passive Option", enable and set the same ports : 50100-50120 and remember to open the same range in the windows firewall. that will be working when you're done.

Or maybe just enable passive mode into the ports that you have already configured 5000-5005 (TCP only)

Jose Ortega
  • 544
  • 2
  • 9
  • However, I'm only using FileZilla as a client, and Windows IIS 10 as the FTPS server. I already have port 21 up/running for another FTP site on the same server (soon to be modified to be the FTPS site). From what you're saying, it looks like I just need to forward 22 as well, from my router's firewall? – Josh B Apr 29 '17 at 19:56
  • yes ftps goes by port 22. I have never make work the IIS as ftp/ftps solution I go straight to FTPS using Filezilla server and giving it a range of ports for passive mode in 3 places: Firewall, Forward from router to server and in the filezilla server 'passive mode' – Jose Ortega Apr 30 '17 at 04:26
  • I tried forwarding 22 as well, still fails... – Josh B May 11 '17 at 21:34