I had a wonderful time over the holidays with my family and I hope that everyone that reads this had the same ...but that feels like ages ago, as the new year started with all kinds of unexpected logistical challenges for me ...and "only" a month later, I am finally ready to be really productive again :-)
One of the last things I needed to do before my holiday break was to set up an FTP Server ...well, of course I didn't want to set up something that would involve clear text passwords and unencrypted connections, so I investigated options. The main choices are
SFTP and FTPS, but as I am using Windows Server 2008 it was an easy choice to go with FTPS.
As with almost all things it's not too difficult to set up and a few posts already exist that give a lot of the information, e.g. from the
IIS site. However, there were still a few things that can easily go wrong.
The first thing I wasted time with was that I just didn't understand that the FTPS functionality was
not part of the latest IIS7 release. Instead, one has to
download it separately. The next two areas of potential problems come from the Firewalls involved (my FTPS Server machine has its own built-in firewall activated and we're using ISA as the corporate firewall), which can be tricky to configure as the FTP protocol uses a dynamic range of data ports. This article from the IIS site provides the
important additional information.
I also got a bit confused when trying to set up the data port range for my ftps enabled site: I somehow entered my choice there in the first place but then couldn't change it there anymore: the ftps data port range is actually per server, so one has to really set this up at the server level in IIS. Also, an IIS reset might be necessary after a change to the data port range.
I recommed setting it up so that SSL encryption is "required" for credentials, but "allowed" for the data, leaving that choice to the ftps client.
Settings up the ISA rule for the FTPS protocol was straight forward. I created an "FTP Server" rule, as well as a new Protocol object that defined my data port range, which I used to create my "FTPS" rule (using the "Publish Non Web server" task).
A last thing to consider is whether to use "
Explicit or Implicit" FTPS. I went with Explicit, but both are supported with my SmartFTP client software.
Update (28-09-09): I just switched to FileZilla and that works perfectly fine with IIS 7 too ...and it's free!