locked
Adding an FTP server RRS feed

  • Question

  • Hi all,

     

    I am trying to set up an FTP server on my machine so my family can share some pics.  I have it installed on port 21 and everything runs fines when I have my firewall turned of.  I turn the firwall on and I can't connect.  So I went into the advanced firewall setting and added port 21 in, but still no use.  I still cannot connect even after adding that port into my firewall setting.

     

    Any thoughts would be great.

     

    thanks

     

    Dewey

    Thursday, August 16, 2007 12:40 PM

Answers

  • It's been a few years since I've dealt with FTP, so I'd forgotten some of its idiosyncrasies.

     

    Actually, both Active (Bullet Proof calls it Port) mode and Passive (PASV) mode can use random port numbers for the data port. This means that you'd have to know the range of ports that the client will use and open that entire range on the server, obviously a high risk for the server.

     

    This is why Passive mode was created, since only the Control port must be open inbound on the server, because the server then responds to the client to 'tell' it what data port number to use. For this reason you really can't use Active mode with a firewall without opening wide ranges. So you need to configure Passive mode and still make sure that port 21 is open inbound to the entire Internet so the FTP service can be accessed.

     

    bpsoftware covers this in the following article on their web site:

     

    HOWTO: Using BulletProof FTP Server when the hosted computer is protected by a Network Firewall/NAT.

     

    OneCareBear

    Friday, August 17, 2007 7:22 PM
    Moderator

All replies

  • Are you also allowing your ftp server program in the allow list in the firewall?

    If you continue to have problems, contact support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=1183038&SiteID=2

    Personally, I'd host the pictures externally on http://spaces.live.com or a photo sharing site such as www.flickr.com

    -steve

     

    Friday, August 17, 2007 1:49 AM
    Moderator
  • Yes I went into the advanced tab and added port 21.

    Friday, August 17, 2007 3:10 AM
  • You don't mention, how are you connected to the Internet? If you are connected via a NAT router to broadband, it's likely you will have to configure that router to allow access to that specific computer for port 21 also.

     

    OneCareBear

    Friday, August 17, 2007 2:36 PM
    Moderator
  •  

    Yes I have a router and configured it to allow port 21.  As I mentioned, if I turn of the firewall in OneCare I have no problem connecting to my ftp server.

     

    thanks

     

    Dewey

    Friday, August 17, 2007 2:39 PM
  • I not only missed that, I also forgot that FTP uses two ports, and which port number depends on the FTP server in use (Active or Passive mode). Both use port 21 for control, but only Active mode uses a fixed port for data, though in theory the data port should connect outbound in response to an initial request.

     

    How are you serving FTP? Are you using a stand alone server or installing something like IIS on XP Pro? Since OneCare is keyed to home users who wouldn't normally try to serve things to the Internet, I doubt this is directly supported, so it obviously is already getting messy.

     

    I have to agree with Steve that from both a security and functionality standpoint, it would be better to use an online photo sharing service rather than attempt to host yourself.

     

    OneCareBear

    Friday, August 17, 2007 3:00 PM
    Moderator
  •  

    I am using bullet proof FTP server in Active mode.  What I don't understand is why Onecare will not allow traffic in when I have set it to open the port.

     

    I will check out the photo sharing as well.  It is bothering me know and I need to firgure out why it doesn't work.  LOL.  Like I said it works great with the friewall turned off so it must be something with Onecare

     

    thanks

     

    Dewey

    Friday, August 17, 2007 4:59 PM
  • I agree that it is OneCare causing the problem, since it works when you turn off the firewall. I think your best bet is to contact OneCare support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=1183038&SiteID=2

    and post back here with details if and when the fix is identified.

    -steve

    Friday, August 17, 2007 5:28 PM
    Moderator
  • It's been a few years since I've dealt with FTP, so I'd forgotten some of its idiosyncrasies.

     

    Actually, both Active (Bullet Proof calls it Port) mode and Passive (PASV) mode can use random port numbers for the data port. This means that you'd have to know the range of ports that the client will use and open that entire range on the server, obviously a high risk for the server.

     

    This is why Passive mode was created, since only the Control port must be open inbound on the server, because the server then responds to the client to 'tell' it what data port number to use. For this reason you really can't use Active mode with a firewall without opening wide ranges. So you need to configure Passive mode and still make sure that port 21 is open inbound to the entire Internet so the FTP service can be accessed.

     

    bpsoftware covers this in the following article on their web site:

     

    HOWTO: Using BulletProof FTP Server when the hosted computer is protected by a Network Firewall/NAT.

     

    OneCareBear

    Friday, August 17, 2007 7:22 PM
    Moderator
  •  

    Same problem for me.

     

    I removed Norton Anti-virus and installed Onecare to evaluate it.

    Trying to FTP using my regular FTP client called "leechFTP" and it would not work. I turn off the OneCare Firewall and it works ?

     

    Can't use the OneCare Support since I did not purchase the license yet.

     

    What do you suggest I do ?

    Wednesday, November 28, 2007 10:54 PM
  • BEAR!!! How goes it?

    I'm having the same problem!! I don't get it because I downloaded the trial version and had it for the full 3 months and nothing was wrong, everything worked purrrrrfectly so I went ahead and bought it. After that it was fine too but now that I'm back home after being away for 2 weeks the firewall is messing with my FTP (FlashFXP).

    It wont even connect to the server unless I turn my firewall off!! Whats the deal with that?

    FlashFXP is on the allow list....

    Help me please Bear, I need this for work and I cant really be bummed turning my firewall on and off! IF you could hepl me or even point me in the right direction there might just be a wee pot of honey in it for you :P

    Cheers,

    amabam
    Thursday, March 26, 2009 5:01 PM
  • amabam,
    If you have your FTP program in the allow list, and you are encountering the problem as described earlier in the thread, and OneCareBear's advice doesn't help, then you should contact the vendor of your FTP software and/or OneCare support for help.
     

    How to reach support (FAQ) - http://social.microsoft.com/Forums/en-US/onecareinstallandactivate/thread/30400b52-7f26-4ba0-bc18-17e305329d90

    -steve


    Microsoft MVP Windows Live / Windows Live OneCare & Live Mesh Forum Moderator
    Thursday, March 26, 2009 6:44 PM
    Moderator