When you’re in, you need to configure IIS. A summary of the required steps:
- Add the ‘Web Server (IIS)’ role to the server.
- Add the IIS features you need.
- Add a TCP endpoint to your VM in the management portal with public and private port 80.
To enable FTP, make sure you enable the ‘FTP Server’ role services for your IIS role:
Add and configure FTP site
The next step is to create the actual FTP site in IIS. Right-click on ‘Sites’ in IIS Manager and select ‘Add FTP Site…’:
Specify the name and the local path for the site:
Specify binding and SSL information: No Need of SSL unless you are concerned with security.
And finally specify who should have access to the FTP site. Note that I selected Basic Authentication and the administrator user. This corresponds to the local administrator account on the VM (the same account you use when you use RDP to login). This is definitely not the best solution. When you do not use SSL to secure access to the FTP site, your FTP credentials are sent in cleartext when logging in to the FTP site. You can even define a local Group and add the users to that group.
Telnet localhost port 21 if this is ok that means the firewall is ok, you can also do a netstat to confirm this.
You should now be able to access the FTP site from within the VM. Open a command prompt, type ‘ftp 127.0.0.1’ and login with your administrator account.
Well, that was the easy part. You now have an FTP site that you can access locally. When you try to access it from another machine, you will notice that you can’t get a connection.
Configuring remote connectivity
What you need to know is this, there is two kinds of FTP, namely Active and Passive. For Active You just need to create an endpoint ( now its named as inbound security rules) in Azure to your VM for port 21. Another thing to keep in mind is FTP clients by default connect with passive so you might want to follow the below steps if configuring in passive.
*Pay Attention to Only Port 21
How to Set Active Mode in CuteFTP
Use Port Means Active, by default its passive so you need to change this if you are conecting using active. FOr Active Mode you are done.
Steps for creating a Passive Connection.
This is s a global setting so it needs to be defined at the server level.
To get the External IP you can do a google What is my IP.
To do the above change through the command.
appcmd set config /section:system.ftpServer/firewallSupport /lowDataChannelPort:1035 /highDataChannelPort:1040
You can choose any port range you like as long as it corresponds to the endpoints you configure for your Azure VM.
We’re almost there. Although the Windows firewall seems to allow all traffic that’s required, you also need to enable stateful FTP filtering on the firewall:
netsh advfirewall set global StatefulFtp enable Also add the passive firewall settings in the firwall allow list.
Finally, restart the FTP Windows service and we should be up and running:
net stop ftpsvc net start ftpsvc
Testing with Filezilla confirms that we can now successfully connect to our new FTP site, hosted on a Windows Azure VM: