Windows PowerShell
Copyright (C) Microsoft Corporation. All rights reserved.
# set the port range you use for passive mode
# specify any range that FTP Server Host does not use
# example below sets 60000 - 60100 range
PS C:\Users\Administrator> Set-WebConfiguration "/system.ftpServer/firewallSupport" -PSPath "IIS:\" -Value @{lowDataChannelPort="60000";highDataChannelPort="60100";}
# confirm
PS C:\Users\Administrator> Get-IISConfigSection -SectionPath "system.ftpServer/firewallSupport"
IsLocked : False
OverrideMode : Inherit
OverrideModeEffective : Deny
SectionPath : system.ftpServer/firewallSupport
Attributes : {lowDataChannelPort, highDataChannelPort}
ChildElements : {}
ElementTagName : system.ftpServer/firewallSupport
IsLocallyStored : True
Methods :
RawAttributes : {[lowDataChannelPort, 60000], [highDataChannelPort, 60100]}
Schema : Microsoft.Web.Administration.ConfigurationElementSchema
# restart FTP Service
PS C:\Users\Administrator> Restart-Service ftpsvc
# allow passive ports you set and also 21 port FTP Server uses on Windows firewall
PS C:\Users\Administrator> New-NetFirewallRule `
-Name "FTP Server Port" `
-DisplayName "FTP Server Port" `
-Description 'Allow FTP Server Ports' `
-Profile Any `
-Direction Inbound `
-Action Allow `
-Protocol TCP `
-Program Any `
-LocalAddress Any `
-LocalPort 21,60000-60100
Name : FTP Server Port
DisplayName : FTP Server Port
Description : Allow FTP Server Ports
DisplayGroup :
Group :
Enabled : True
Profile : Any
Platform : {}
Direction : Inbound
Action : Allow
EdgeTraversalPolicy : Block
LooseSourceMapping : False
LocalOnlyMapping : False
Owner :
PrimaryStatus : OK
Status : The rule was parsed successfully from the store. (65536)
EnforcementStatus : NotApplicable
PolicyStoreSource : PersistentStore
PolicyStoreSourceType : Local
RemoteDynamicKeywordAddresses : {}
|