Scott Forsyth's Blog

Postings on IIS, ASP.NET, SQL Server, Webfarms and general system admin.

.

  • Scott Forsyth

Hosting Needs

Training and Dev Labs

FTP Firewall Settings, Active vs. Passive, and FTPS Explicit vs. Implicit-Week 47

You can find this week’s video here.

Have you ever wondered what FTP Active mode or Passive mode means? Do you have a good understanding of the FTP data channel or control channel? It can be difficult to fully understand FTP, which firewall ports to enable, and how to navigate the two communication channels. This lesson will hopefully clear up these questions and more.

This week’s video lesson takes a deep dive into FTP Active vs. Passive modes. As part of this you’ll get a chance to see the various modes in action, see what the traffic looks like in Wireshark, see exact firewall rules, learn about stateful FTP, find out about Explicit FTPS and Implicit FTPS, and learn about the FTP data channel and control channels.

This week's video lesson is the 4th of a 5-week mini-series on IIS FTP. The five weeks include:

  • Week 1: IIS FTP Basics
  • Week 2: IIS FTP and IIS Manager Users
  • Week 3: IIS FTP and User Isolation
  • Week 4: IIS FTP Firewall settings, Active vs. Passive
  • Week 5: IIS FTP Troubleshooting plus FTP Host Headers

This is now week 47 of a 52 week series for the web pro, and the 4th of a 5 week mini-series on IIS FTP. You can view past and future weeks here: http://dotnetslackers.com/projects/LearnIIS7/

You can find this week’s video here.

Posted: Feb 13 2012, 09:28 AM by OWScott | with 4 comment(s)
Filed under: , , ,

Comments

David Taylor said:

Yeah FTP sucks.  It was funny how I went for years not even thinking about it.  Then a year ago I had what I thought was a simple enough setup: A physical host running hyper-v with a virtual machine.  The physical machine had external IP addresses, the virtual machine internal ones (192.168.0.2, etc).  For specific reasons the VM couldn't be hooked up to the physical IPs.

So I needed to setup NAT from the physical to the virtual; then make sure all the right FTP ports were mapped; then make sure IIS 7.5 was also using the correct ports being mapped, etc, etc, etc.

Damn just sooooo hard.

# February 13, 2012 10:37 AM

OWScott said:

Hi David,

I feel your pain.  With HTTP/S you just open TCP 80/443 and it's done.  Easy!  FTP ... not so much.

# February 13, 2012 11:03 AM

Aadil said:

Thanks for that   problem part svloed.For the remainder:I'm creating the FTP script in sql which I save in a file on the sql server.  I can't make the server run it from sql.  Something like this works for other activities:  set @cmd='xp_cmdshell  FTP -n -s:FTPscript.txt     exec(@cmd)but not this time.  What am I missing?Thanks

# March 7, 2012 5:26 PM

OWScott said:

Hi Aadil,

Have you tested with the command line FTP from the sql server?  That will confirm your network connectivity.  If you don't mind installing FileZilla on the sql box (not sure that I would unless I had to), you can test with passive or active mode to see which works.  

I haven't used FTP from sql before so I'm not sure if it supports active or passive mode.  My guess is that you're being blocked by the firewalls due to passive or active mode (active most likely) bring used but the firewall isn't setup for it yet.

# March 9, 2012 10:04 AM
Leave a Comment

(required) 

(required) 

(optional)

(required)