the built in command line ftp client in server 2008 does not support passive mode
so I've used these commands to allow outbound ftp (it stalls without this)
1) Open port 21 on the firewall
netsh advfirewall firewall add rule name="FTP (no SSL)" action=allow protocol=TCP dir=in localport=21
2) Activate firewall application filter for FTP (aka Stateful FTP) that will dynamically open ports for data connections
netsh advfirewall set global StatefulFtp enable
however in server 2008 r2, these commands seem to work, but it does not affect the outbound ftp, it stalls
I do not want to use an alt client
Best Answer
Instead of using the netsh command you could have Windows adding the firewall rules by enabling notification in the "Windows Firewall with Advanced Security" console.
Click on "Windows Firewall Properties" on the root object "Windows Firewall with Advanced Security on Local Computer". From there you customize the settings on each of the profile tabs Domain, Private and Public and set "Display a notification" to "Yes".
When this is done fire up your FTP client and connect to your FTP server. Now you'll be prompted if you want to add a rule for your ftp program.
Good Luck!
-Andy