Enable passive FTP in Windows Firewall on Windows Server 2008

Posted by on June 22, 2009 Leave a comment (5) Go to comments


I was having problems getting passive FTP to work on Windows Server 2008 using the IIS FTP server. By default, only port 21 is open for FTP, but passive FTP ports are blocked. Since this port is selected at random, you cannot open a particular port to make this work. Instead, enabling stateful FTP allows the firewall to see that the connection is related to an existing connection and will allow the traffic.

To enable stateful FTP:

C:/> netsh advfirewall set global StatefulFtp enable

-Chris

Technology
  1. Dan November 12, 2009 at 11:00

    Bingo! Thank you Chris!

    For the search engines:
    DOS FTP worked. Unchecking “use passive FTP” in IE made it work for clients. This command populates Windows Firewall with Advanced Security if it wasn’t already.

  2. Question FtpWebRequest and Firewall settings - pingback on May 8, 2011 at 09:33
  3. fredX May 8, 2011 at 09:40

    Excellent – solved a ton of isssues! Thanks!

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Trackbacks and Pingbacks: