Hi All, I am trying to get the IIS integrated FTP up for some hours now... This is the config: FTP Site binding port: 9100 Passive Port Range: 9900 - 9999 (I am using other ports because this is a second FTP server on the same WAN IP) In active mode all goes well In passive mode the Filezilla client always stops on: 150 Opening BINARY mode data connection I have opened all the ports in Windows Firewall and in my Router/Firewall It does not work locally nor remotely... All help would be very welcome. Thanks in advance.

Have you tried enabling statefulftp in windows firewall? netsh advf set global StateFulFTP enable With kind regards Krystian Zieja http://www.projectnenvision.com Follow me on twitter My Blog

Hi, Thanks for your reply. Yes i have tried that :-)

Have you tried disabling FW for a while, and checking that without firewall everything works as expected?With kind regards Krystian Zieja http://www.projectnenvision.com Follow me on twitter My Blog

HI, Tried that, but weird enough when i disable the firewall service the whole server refuses every connection...(rdp included)

Do not disable the firewall service, just disable the firewall: 1. Go to Windows Firewall with Advanced Security 2. Right Click Windows Firewall, choose properties 3. On profile you are running right now (or for test you can do that on all profiles), change firewall state to Off 4. Click Ok and Test ftpWith kind regards Krystian Zieja http://www.projectnenvision.com Follow me on twitter My Blog

Oh i see I cannot disable it because it is controlled trough group policy. I have been googling around but cant find the option to put its state to "off" Could you help me out?

Update: Unjoined the server from my domain, disable firewall and re-tested it. Same result... To bad :-( Update2: Just enabled logging and this is what i find here: #Version: 1.5 #Software: Microsoft Windows Firewall #Time Format: Local #Fields: date time action protocol src-ip dst-ip src-port dst-port size tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path 2011-04-23 17:02:48 ALLOW TCP 10.10.10.105 10.10.10.204 61341 9100 0 - 0 0 0 - - - RECEIVE 2011-04-23 17:03:31 ALLOW TCP 10.10.10.204 10.10.10.202 63220 135 0 - 0 0 0 - - - SEND 2011-04-23 17:03:31 ALLOW TCP 10.10.10.204 10.10.10.202 63221 1029 0 - 0 0 0 - - - SEND 2011-04-23 17:03:31 ALLOW TCP 10.10.10.204 10.10.10.202 63222 88 0 - 0 0 0 - - - SEND 2011-04-23 17:03:31 ALLOW TCP 10.10.10.204 10.10.10.202 63223 88 0 - 0 0 0 - - - SEND 2011-04-23 17:03:31 ALLOW TCP 10.10.10.204 10.10.10.202 63224 88 0 - 0 0 0 - - - SEND 2011-04-23 17:03:36 ALLOW TCP 10.10.10.204 10.10.10.202 63225 135 0 - 0 0 0 - - - SEND 2011-04-23 17:03:36 ALLOW TCP 10.10.10.204 10.10.10.202 63226 1029 0 - 0 0 0 - - - SEND 2011-04-23 17:03:38 ALLOW TCP 10.10.10.204 10.10.10.202 63227 389 0 - 0 0 0 - - - SEND 2011-04-23 17:03:53 ALLOW UDP 10.10.10.127 10.10.10.255 137 137 0 - - - - - - - RECEIVE 2011-04-23 17:03:57 ALLOW UDP 10.10.10.16 10.10.10.255 138 138 0 - - - - - - - RECEIVE 2011-04-23 17:04:23 ALLOW TCP 10.10.10.204 10.10.10.202 63228 135 0 - 0 0 0 - - - SEND 2011-04-23 17:04:23 ALLOW TCP 10.10.10.204 10.10.10.202 63229 1029 0 - 0 0 0 - - - SEND 2011-04-23 17:05:01 ALLOW UDP 10.10.10.26 10.10.10.255 137 137 0 - - - - - - - RECEIVE 2011-04-23 17:05:13 ALLOW UDP 10.10.10.41 10.10.10.255 138 138 0 - - - - - - - RECEIVE 2011-04-23 17:05:40 ALLOW TCP 10.10.10.18 10.10.10.204 50962 445 0 - 0 0 0 - - - RECEIVE 2011-04-23 17:05:40 ALLOW TCP 10.10.10.204 10.10.10.202 63230 88 0 - 0 0 0 - - - SEND 2011-04-23 17:05:40 ALLOW TCP 10.10.10.204 10.10.10.202 63231 88 0 - 0 0 0 - - - SEND 2011-04-23 17:05:49 ALLOW TCP 10.10.10.204 10.10.10.202 63232 389 0 - 0 0 0 - - - SEND

Hi MS1987, Thanks for posting here. If you have disjoined this computer form domain then please reset firewall profile by performing “netsh advfirewall reset” first. After that please configure exception with following the article below and see how is going : How to Configure Windows Firewall for a Passive Mode FTP Server http://technet.microsoft.com/en-us/library/dd421710(WS.10).aspx For how to reset firewall profile please refer to the article below: Netsh Commands for Windows Firewall with Advanced Security http://technet.microsoft.com/en-us/library/cc771920(WS.10).aspx#BKMK_1_reset Thanks. Tiger Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.com Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi MS1987, If there is any update on this issue, please feel free to let us know. Thanks. Tiger Li TechNet Subscriber Support in forum If you have any feedback on our support, please contact tngfb@microsoft.comPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

Hi All, I am trying to get the IIS integrated FTP up for some hours now... This is the config: FTP Site binding port: 9100 Passive Port Range: 9900 - 9999 (I am using other ports because this is a second FTP server on the same WAN IP) In active mode all goes well In passive mode the Filezilla client always stops on: 150 Opening BINARY mode data connection I have opened all the ports in Windows Firewall and in my Router/Firewall It does not work locally nor remotely... All help would be very welcome. Thanks in advance. Can you set your bindings to default to see if the service works correctly. Have you also considered using Host Headers on FTP in IIS instead of using Wildcard headers? example: binding *:21 - This is a wildcard header. pub.mydomain.com:21, private.mydomain.com:21, users.mydomain.com:21 These are host headers... configure on your external and internal DNS servers. Both can be configured to be accessed differently and data sources can be seperate. Try accessing the FTP Server remotely and locally prior... Add your custom firewall rules depending on your ports that you allow... netsh advfirewall firewall add rule name="Custom FTP Allow" dir=in localip=LOCALCIDRADDRESS remoteip=any localport=LOCALPORT remoteport=any protocol=tcp action=allow enable=yes LOCALCIDRADDRESS= Your IP Address with /bits notation. Example 192.168.0.2/32 (This host specifically!) LOCALPORT = The port you wish to allow You can use multiple ports and ranges using commas. 20,21,1023 Also keep in mind, web browsers can only view FTP via port 1023 passive mode. Steve Kline Microsoft Certified IT Professional: Server Administrator Microsoft Certified Technology Specialist: Active Directory, Network Infrastructure, Application Platform, Windows 7 Microsoft Certified Product Specialist & Network Product Specialist Red Hat Certified System Administrator This posting is "as is" without warranties and confers no rights.

Hi All, I am trying to get the IIS integrated FTP up for some hours now... This is the config: FTP Site binding port: 9100 Passive Port Range: 9900 - 9999 (I am using other ports because this is a second FTP server on the same WAN IP) In active mode all goes well In passive mode the Filezilla client always stops on: 150 Opening BINARY mode data connection I have opened all the ports in Windows Firewall and in my Router/Firewall It does not work locally nor remotely... All help would be very welcome. Thanks in advance. Can you set your bindings to default to see if the service works correctly. Have you also considered using Host Headers on FTP in IIS instead of using Wildcard headers? example: binding *:21 - This is a wildcard header. pub.mydomain.com:21, private.mydomain.com:21, users.mydomain.com:21 These are host headers... configure on your external and internal DNS servers. Both can be configured to be accessed differently and data sources can be seperate. Try accessing the FTP Server remotely and locally prior... Add your custom firewall rules depending on your ports that you allow... netsh advfirewall firewall add rule name="Custom FTP Allow" dir=in localip=LOCALCIDRADDRESS remoteip=any localport=LOCALPORT remoteport=any protocol=tcp action=allow enable=yes LOCALCIDRADDRESS= Your IP Address with /bits notation. Example 192.168.0.2/32 (This host specifically!) LOCALPORT = The port you wish to allow You can use multiple ports and ranges using commas. 20,21,1023 Also keep in mind, web browsers can only view FTP via port 1023 passive mode unless you explicitly imply a socket on the address... ftp://pub.mydomain.com:9900 Steve Kline Microsoft Certified IT Professional: Server Administrator Microsoft Certified Technology Specialist: Active Directory, Network Infrastructure, Application Platform, Windows 7 Microsoft Certified Product Specialist & Network Product Specialist Red Hat Certified System Administrator This posting is "as is" without warranties and confers no rights.

Hi all! I have spent my weekend updating the server (installing SP1 etc) and believe it or not... The ftp works?! I totally don't get it... Setup as it is now: FTP Binding: 9100 Firewall is open from 9100-9999 Enabled the FTP Protocol in firewall of course Configured the datachannel port range from 9100-9999 So far so good... Thanks for helping out though!