All geek questions in one place

Passive FTP on Windows Azure Virtual Machine

I have installed FTP in IIS7 on a Windows 2008 virtual machine. I have enabled port 21 at the endpoints and Active FTP is working fine. But I'm not sure how to connect through Passive. I followed the Microsoft documentation (enabled a number of ports in IIS and allowed the same ports on the local firewall). I also enabled ports at the endpoints in Azure Management. This did not work.

I read somewhere on the unofficial MS forum that MS does not allow passive FTP in Azure. It's true? If not, can someone contact me with the right documentation?

thanks

SOLUTION I followed the instructions in this article. The problem I ran into was that I did not stop and start the FTP service after that. This will not work otherwise.

+6
source share
3 answers

Passive FTP should work fine on Windows Azure Virtual Machines. However, you won’t be able to select a large range of ports, since Azure can have up to 25 endpoints, and this may be a restriction on the use of passive FTP. This forum talk says more about this.

You can find this blog that explains how they configure passive FTP with IIS on a Windows virtual machine.

+9
source

Additional information about the above record ( http://www.itq.nl/blogs/post/Walkthrough-Hosting-FTP-on-IIS-75-in-Windows-Azure-VM.aspx ) - in the end she says that you need to use the following command to add a range of ports in IIS:

appcmd set config /section:system.ftpServer/firewallSupport \ /lowDataChannelPort:7000 /highDataChannelPort:7014

I did not succeed because the port range is blocked, so it can only be installed on the root IIS node. Error:

 Support (Your site name) /lowDataChannelPort:5000 /highDataChannelPort:6000 ERROR ( message:Can not set attribute "lowDataChannelPort" to value "5000".. Rea son: This configuration section cannot be used at this path. This happens when t he section is locked at a parent level. Locking is either by default (overrideMo deDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false". . )

If you move the IIS nodes to the root server node, select "View functions", then "FTP firewall support", you can set the port range of the data channel there using a text field, without the need for scripting, and avoid this error. After that, you need to restart the ftp service (as described above), and passive FTP works fine.

I added an additional answer here because, having no way to run the appcmd command to set the port range, I circled around for several hours, and this can help others avoid the same problem.

+6
source

I thought others might run into this. If you receive a security message indicating that the parent is locked, just go back to your FTP server and disconnect the required SSL connections. Then run the command. Configure endpoints, open a firewall, etc. Then log in and go back to Require SSL connection!

0
source

Source: https://habr.com/ru/post/924095/

More articles:


All Articles