Good Day to you all, I am having a seriously hard time trying to configure 'remote' FTP access for Win2008R2 server I use as an RRAS box. I used this guide: http://learn.iis.net/page.aspx/309/configuring-ftp-firewall-settings-in-iis-7/#Step1 My current configuration 1. Ok so I added an FTP Site and pointed it E:\FTP_DATA and a DNS record for the server 2. I initially used 127.0.0.1 for the site binding but I was not able to access the FTP site so I used 'All Unassigned', no hostname 3. I choose 'Allow SSL' and my domain certificate 4. Basic Authentication with Authorization given to a security group called FTP_Users R/W (added test users) 5. In firewall support I used a 'Data Port Range' of 5000 - 6000 and the external address of my ASA firewall 6. Added TCP ports 20, 21, 5000-6000 to the firewall ACL 7. Added exclusions in my Windows Firewall on the FTP server to allow FTP, FTPS and FTP Passive When I try to FTP using DOS internally it works fine in active mode. C:\Users\anolan.DOMAIN>ftp ftp.domain.com Connected to ftp.domain.com. 220 Microsoft FTP Service User (ftp.mccoysales.com:(none)): admin 331 Password required for admin. Password: 230 User logged in. ftp> dir 200 PORT command successful. 150 Opening ASCII mode data connection. 06-13-12 12:01PM <DIR> TEST2 06-13-12 12:12PM <DIR> TEST 226 Transfer complete. ftp: 92 bytes received in 0.00Seconds 92000.00Kbytes/sec. When I try to FTP using DOS internally it does not work using passive mode. C:\Users\user.DOMAIN>ftp ftp.domain.com Connected to ftp.domain.com. 220 Microsoft FTP Service User (ftp.mccoysales.com:(none)): admin 331 Password required for admin Password: 230 User logged in. ftp> QUOTE PASV 227 Entering Passive Mode (66,195,82,222,232,88). ftp> dir 200 PORT command successful. 150 Opening ASCII mode data connection. 425 Cannot open data connection. If I try using FileZilla in active mode internally I am also able to get to the FTP server OK Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is current directory. Command: TYPE I Response: 200 Type set to I. Command: PORT 10,10,0,191,20,94 Response: 200 PORT command successful. Command: LIST Response: 125 Data connection already open; Transfer starting. Response: 226 Transfer complete. Status: Directory listing successful If I try using FileZilla in passive mode internally I receive this error. I think it is because the server is returning the address of my server to a local client machine. Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is current directory. Command: TYPE I Response: 200 Type set to I. Command: PASV Response: 227 Entering Passive Mode (66,195,82,222,232,30). Command: LIST Response: 150 Opening BINARY mode data connection. Error: Connection timed out Error: Failed to retrieve directory listing ------------------Remote Connection Testing------------------------ Trying to connect using DOS from a remote location using Active mode it fails C:\Users\anolan.DOMAIN>ftp ftp.domain.com Connected to ftp.domain.com. 220 Microsoft FTP Service User (ftp.mccoysales.com:(none)): admin 331 Password required for admin. Password: 230 User logged in. ftp> dir Connection closed by remote host Trying to connect using DOS from a remote location using Passive mode it fails C:\Users\user.DOMAIN>ftp ftp.domain.com Connected to ftp.domain.com. 220 Microsoft FTP Service User (ftp.mccoysales.com:(none)): admin 331 Password required for admin Password: 230 User logged in. ftp> QUOTE PASV 227 Entering Passive Mode (66,195,82,222,232,88). ftp> dir Connection closed by remote host FileZilla also fails remotely using Passive Mode Status: Connected Status: Retrieving directory listing... Command: PWD Response: 257 "/" is current directory. Command: TYPE I Response: 200 Type set to I. Command: PASV Response: 227 Entering Passive Mode (66,195,82,222,232,30). Command: LIST Response: 150 Opening BINARY mode data connection. Error: Connection timed out Error: Failed to retrieve directory listing The output from my log file (FTPSVC2) does not give me much. Basically the control channel is closed as soon as I initiate a conversation: 2012-06-13 21:44:21 70.196.193.129 DOMAIN\USER 10.10.90.102 21 PASS *** 230 0 0 d22a0726-a230-45e1-85d5-8e643ca2f7be / 2012-06-13 21:45:20 70.196.193.129 - 10.10.90.102 21 ControlChannelOpened - - 0 0 2e13513c-c64a-4266-8b02-7eab273f7e5b - 2012-06-13 21:45:22 70.196.193.129 - 10.10.90.102 21 USER USER 331 0 0 2e13513c-c64a-4266-8b02-7eab273f7e5b - 2012-06-13 21:45:23 70.196.193.129 DOMAIN\USER 10.10.90.102 21 ControlChannelClosed - - 64 0 d22a0726-a230-45e1-85d5-8e643ca2f7be - 2012-06-13 21:45:25 70.196.193.129 DOMAIN\USER 10.10.90.102 21 PASS *** 230 0 0 2e13513c-c64a-4266-8b02-7eab273f7e5b / 2012-06-13 21:45:38 70.196.193.129 DOMAIN\USER 10.10.90.102 21 PASV - 227 0 0 2e13513c-c64a-4266-8b02-7eab273f7e5b - 2012-06-13 21:46:17 - DOMAIN\USER 10.10.90.102 59486 DataChannelClosed - - 258 15 2e13513c-c64a-4266-8b02-7eab273f7e5b - 2012-06-13 21:46:43 70.196.193.129 DOMAIN\USER 10.10.90.102 21 ControlChannelClosed - - 64 0 2e13513c-c64a-4266-8b02-7eab273f7e5b - Any help would be much appreciated..... sorry about the length. Noncentz

For IIS and FTP queries, post here. http://forums.iis.net/ Thanks

My bad... will repost. Thanks!