Hi All,
Running an IIS 7.5 FTP server and things work fine. I defined a custom data channel port range for passive connections and added a firewall rule to allow that range.
I use the GUI to create the rule as follows:
New Rule
Custom
Services (Customize..)
Apply to this service (Microsoft FTP Service)
Protocol: TCP
Local port: My Port Range
Remote port: All Ports (Default)
Applies to any IP address
Is this a correct implementation of my desired rule? I did verify with MS Network Monitor on the client machine that ports within my specified range were being used.
Since I've specified my own port range for passive FTP and don't want to use the default, built-in range of 1024-65535 can I safely/should I disable the default firewall rule? The built-in rule exempts svchost.exe and my rule exempts the FTP service. What's the difference here? As a side note, I did disable the rule and was still able to log in using passive FTP with IE 9.
-pb