Allow FTP passthrough on Windows server 2012
It did appear to be a problem With Routing an Remote Access, and the firewall did not have much to do with it. At least not any of the configurable zones.
In the end I resolved it using this thread, which concludes to entering this in the command prompt on the NAT server:
netsh routing ip nat delete ftp
So I suppose the NAT server attempted to intercept the FTP traffic and route it locally (or something), which it no longer does now.
Related videos on Youtube
Neograph734
Updated on September 18, 2022Comments
-
Neograph734 almost 2 years
I can find many resources on how to configure a Windows server as an FTP server, but for this situation I have not figured it out.
I'd like to configure a Windows server 2012 firewall to allow FTP traffic from an intranet computer to an external webserver. So the FTP connection is not from or to the server. I had this working in the past, but opening up ports 20-21 does not seem to be working and I cannot recall how this used to work in the past.
So, what do I need more to allow a Windows Server 2012 to pass FTP traffic from the internet Client to the external server?
-
Todd Wilcox about 8 yearsWhen you say "Windows Server 2012 firewall", do you mean the built-in software firewall that is meant to secure the server's interaces, or are you talking about Microsoft ISA Server? You'll need the latter (or something like it) to do what you want to do.
-
Drifter104 about 8 yearsHave you configured routing and remote access?
-
Neograph734 about 8 yearsYes, but we use VPN only. DirectAccess is not configured.
-
Drifter104 about 8 yearsThe only way to do this AFAIK is to configure routing and remote access with a public and private interface. Then configure it with NAT
-
Neograph734 about 8 years@Drifter104 I'll see if I can get that to work :)
-
-
Neograph734 about 8 yearsThis makes more sense, but unfortunately does not work either...
-
El Chapo Gluzman about 8 yearsMake sure to manually restart the entire Microsoft FTP Service from the Administrative Tools > Services applet.
-
Neograph734 about 8 yearsI do not have such service (The FTP server role is not enabled as we do not need it). Should I enable it?
-
El Chapo Gluzman about 8 yearsI am assuming you are trying to set-up a Passive Mode FTP Server within your 2012 server; otherwise its just an issue of routing and remote access and nothing to do with the actual server.
-
Neograph734 about 8 yearsNo, the Windows machine should not be the FTP server. I want a client on the intranet to be able to connect to a remote FTP server, which currently gets blocked by the Firewall (if I disable it, the connection works). I'll look into RRaS.
-
El Chapo Gluzman about 8 yearsCheck the RRAS troubleshoot I added