15

I struggled with the whole passive port range deal on IIS 7.0 tonight. I finally realized that it apparently only applies to FTP/ES or FTP/IS. When I try to do plain ftp, it assigns whatever the heck port number it wants when responding to a PORT request.

First of all, am I missing something. Secondly, if I'm not, why in the world does it work this way?

TIA.

Chris B. Behrens
  • 671
  • 1
  • 6
  • 12

2 Answers2

36

I stumbled upon this question when I had the same problem today. I set the "Data Channel Port Range" in IIS 7.5 Manager console, but the server kept picking ports outside the specified range. The issue for me wasn't a firewall rewriting the response (I was using TLS, so it couldn't, even if it tried). Actually, after you change the port range, you have to restart the "Microsoft FTP Service". Using iisreset isn't sufficient, nor is clicking "Restart" at the server level in IIS Manager; the OS-level service (ftpsvc) must be fully stopped and started.

AdmiralNemo
  • 838
  • 1
  • 7
  • 11
  • 4
    thx - that &^%#^&%@#&* finally fixed it :) – seanb Dec 22 '11 at 05:10
  • 4
    service => Microsoft FTP service – Bossliaw May 20 '15 at 06:51
  • 5
    AGGGH! This is one of the stupidest things I've ever seen. I even remembered that you had to restart FTP but forgot that you have do do this from within services.msc and not IIS manager! Thank you. – NickG Jun 22 '15 at 16:03
  • 1
    In Windows 8 the following also works: Task Manager -> Services -> FTPSVC -> (right click) -> Restart. – alx Jul 08 '15 at 15:41
  • This answer is still relevant as of 2017...think microsoft will fix it in server 2020? – CyberMen Sep 29 '17 at 16:50
  • Saved me hours!! :) Thanks Poor of MS that iisreset does not rehup Microsoft FTP Service – boomdrak Feb 26 '20 at 06:59
  • I've wasted 2 days trying to figure this out. Almost took a bullet. Thanks! – Ya. May 09 '20 at 13:54
  • 1
    @boomdrak The least they could do is to add "Please restart the Microsoft FTP Service after changing the passive port range". This is ridiculous. – Ya. May 09 '20 at 13:55
1

I eventually determined that the $%(*&@ firewall was REWRITING the ftp commands in an attempt to be "helpful". I determined this when I tried to install FileZilla server and had the same problem. Luckily, FileZilla server has an open monitoring window, and I was able to observe the conversation from both sides and determine that the server was, in fact, sending the proper port number.

Chris B. Behrens
  • 671
  • 1
  • 6
  • 12