5

I am needing to use the functionality to set the FTP PASV port range that IIS FTP7.5 will use, but it seems this is locked down in configuration at the server level; I can not modify the port range per-site. (I can modify the IP address but not the port range on each site via the manager, but I can modify both at the server level)

Per-site screen

My assumption is that this is locked down in the configuration somewhere, but I'm not sure where to look. It does not appear to be amongst the options under 'Feature Delegation', by the way.

I'm having to use this because the system in question is running FTPS and is behind an iptables-managed firewall; the state/conntrack modules can not help in this case because the firewall is incapable of inspecting the FTPS packets, since they are encrypted.

I would prefer to be able to specify this port range per site, as one of the sites will only need a very narrow range, while another will need a somewhat broader range.

Andrew Barber
  • 1,089
  • 12
  • 23

1 Answers1

5

This is the directions I followed for configuring that

http://learn.iis.net/page.aspx/309/configuring-ftp-firewall-settings/

Go to the firewall settings after clicking on the SERVER not the site

cpgascho
  • 753
  • 1
  • 9
  • 23
  • That's not what I want to do. I want to edit it per-site, not on the whole server. The option is there - it just seems to be locked down in the config somewhere, and I'm not sure where. – Andrew Barber Dec 16 '10 at 22:18
  • 1
    There isn't a way to do it per site. It is a per server setting otherwise you will have to deal with port forwarding ranges of ports for multiple Sites. You set it globally for IIS – cpgascho Dec 17 '10 at 05:01
  • Well, I just spent 40 minutes playing with web.config files and the `firewallSupport` element and indeed, it can only be altered per-server rather than per-site! Voted/Accepted your answer; thank you! – Andrew Barber Dec 19 '10 at 06:20