New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Windows Server 2016 - can't access FTP (21) from server - need help!
Just installed Windows Server 2016 on my OVH server. Used 2012 R2 a year+ on the same server.
After the installation I just discovered that something blocks outgoing port 21. I use FileZilla server on the server and incoming FTP traffic is going as normal. But not outgoing, can't use FileZilla client to connect to anything, or use ftp:// in a web browser.
I have not done any changes to Windows Firewall.
What can be the issue? I have tried to add FileZilla client to the firewall (like you have to do with FileZilla server) but it did not help.
Comments
did you try just opening the port in the firewall?
Tried this rule, applied to all firewall profiles:
The first, best answer is: stop using FTP. It's ancient, it's insecure, it's not encrypted, and it was known to be a lousy protocol 20 years ago.
Use sftp instead.
However, if you must...welcome to the FTP firewall hell.
i.e.: http://www.ncftp.com/ncftpd/doc/misc/ftp_and_firewalls.html
Also:
"Using the File Transfer Protocol (FTP) service on a server behind a firewall creates a set of challenges because of the way FTP works. A standard mode FTP client initiates a session to a server by opening a “command channel” connection to TCP port number 21. A file transfer is requested by the client by sending a PORT command to the server. The server then attempts to initiate a “data channel” connection back to the client on TCP port number 20."
https://technet.microsoft.com/en-us/library/dd421710(v=ws.10).aspx
But I need to download some software to my server from a FTP server (that's not mine).
Can't see why this Windows Server 2016 installation blocks FTP, when my Windows Server 2016 installation on my Hetzner and/or my Kimsufi servers do not block outgoing FTP.
Ahh...this must be a Hyper-V issue or something, this Server is running Hyper-V and hosts serveral VM's and I'm using some internal network for my TestLAB. Looking in ipconfig, I can see that the host is getting IP's from the internal network, look here:
So how can I set that Windows should prefer the network card highlighted in red?
Edit: It's the same on my Hetzner Win2016 server, the DNSlookup. It also points to 192.168.1.150 on the internal network. But FTP is working fine there.
Found the solution here...
you must update the Metric of each interface in the order you want. Goto Control Panel > Network and Internet > Network Connections Right click the desired connection (Higher Priority Connection) Click Properties > Internet Protocol Version 4 Click Properties > Advanced Uncheck 'Automatic Metric' Enter 10 in 'Interface Metric' Click OK
Source answers.microsoft.com
Changing this, fixed the FTP issue right away. No need for any firewall rule.
On some version of Windows Server, I swear it was 2016, I was able to use a predefined "FTP" service firewall rule and just click enable, not sure if that's still a thing or not.