I struggled with the whole passive port range deal on IIS 7.0 tonight. I finally realized that it apparently only applies to FTP/ES or FTP/IS. When I try to do plain ftp, it assigns whatever the heck port number it wants when responding to a PORT request.
First of all, am I missing something. Secondly, if I'm not, why in the world does it work this way?
TIA.
Best Answer
I stumbled upon this question when I had the same problem today. I set the "Data Channel Port Range" in IIS 7.5 Manager console, but the server kept picking ports outside the specified range. The issue for me wasn't a firewall rewriting the response (I was using TLS, so it couldn't, even if it tried). Actually, after you change the port range, you have to restart the "Microsoft FTP Service". Using
iisresetisn't sufficient, nor is clicking "Restart" at the server level in IIS Manager; the OS-level service (ftpsvc) must be fully stopped and started.