Differences
This shows you the differences between the selected revisions of the page.
| 2018-01-12 | 2018-02-19 | ||
| not just anymore (martin) | no summary (172.196.13.242) | ||
| Line 73: | Line 73: | ||
| ===== [[certificate]] Creating Certificate for the FTPS Server ===== | ===== [[certificate]] Creating Certificate for the FTPS Server ===== | ||
| - | You need a TLS/SSL certificate to secure your FTPS server. Ideally you should acquire the certificate from a certificate authority. | + | You need a TLS/SSL certificate to secure your FTP server. Ideally, you should acquire the certificate from a certificate authority. |
| You may also create a self-signed certificate locally, but in such case users of your FTPS server [[tls#certificate|will be warned]], when connecting to the server. | You may also create a self-signed certificate locally, but in such case users of your FTPS server [[tls#certificate|will be warned]], when connecting to the server. | ||
| Line 92: | Line 92: | ||
| * Specify your server's external IP address. \\ For [[guide_azure_ftps_server|Microsoft Azure Windows servers]] you will find the external IP address in //Public IP address// section of the virtual machine page. | * Specify your server's external IP address. \\ For [[guide_azure_ftps_server|Microsoft Azure Windows servers]] you will find the external IP address in //Public IP address// section of the virtual machine page. | ||
| - | When behind an external firewall, you need to open ports for data connections (obviously in addition to opening an %%FTP%% port 21 and possibly an implicit TLS/SSL %%FTP%% port 990). You won't probably want to open whole default port range 1024-65535. In such case, you need to tell the %%FTP%% server to use only the range that is opened on the firewall. Use a //Data Channel Port Range// box for that. Any time you change this range, you will need to [[#restart|restart FTP service]]. //Learn how to [[guide_azure_ftps_server#firewall|open ports on Microsoft Azure]].// | + | When behind an external firewall, you need to open ports for data connections (obviously in addition to opening a %%FTP%% port 21 and possibly an implicit TLS/SSL %%FTP%% port 990). You won't probably want to open whole default port range 1024-65535. In such case, you need to tell the %%FTP%% server to use only the range that is opened on the firewall. Use a //Data Channel Port Range// box for that. Any time you change this range, you will need to [[#restart|restart FTP service]]. //Learn how to [[guide_azure_ftps_server#firewall|open ports on Microsoft Azure]].// |
| Click //Apply// action to submit your settings. | Click //Apply// action to submit your settings. | ||
| Line 102: | Line 102: | ||
| ===== [[window_firewall]] Windows Firewall Rules ===== | ===== [[window_firewall]] Windows Firewall Rules ===== | ||
| - | An internal Windows firewall is automatically configured with rules for the ports 21, 990 and 1024-65535, when %%IIS%% %%FTP%% server is installed. | + | An internal Windows firewall is automatically configured with rules for the ports 21, 990 and 1024-65535 when %%IIS%% %%FTP%% server is installed. |
| The rules are not enabled initially though some versions of Windows.((The rules are enabled initially on Windows Server 2016.)) &win2016 To enable or change the rules, go to //Control Panel > System and Security > Windows Firewall//((//Windows Defender Firewall// on Windows 10.))// > Advanced Settings > Inbound Rules// and locate three "%%FTP%% server" rules. &wincp If the rules are not enabled, click on //Actions > Enable Rule//. | The rules are not enabled initially though some versions of Windows.((The rules are enabled initially on Windows Server 2016.)) &win2016 To enable or change the rules, go to //Control Panel > System and Security > Windows Firewall//((//Windows Defender Firewall// on Windows 10.))// > Advanced Settings > Inbound Rules// and locate three "%%FTP%% server" rules. &wincp If the rules are not enabled, click on //Actions > Enable Rule//. | ||
| Line 112: | Line 112: | ||
| To restart %%FTP%% service go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //Microsoft %%FTP%% Service// and click //Restart service//.((Try restarting whole system, if a service restart does not help.)) &wincp | To restart %%FTP%% service go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //Microsoft %%FTP%% Service// and click //Restart service//.((Try restarting whole system, if a service restart does not help.)) &wincp | ||
| + | ====== ===== Level 1 Headline ===== | ||
| + | ==== Level 3 Headline ==== | ||
| + | ====== | ||
| ===== Adding FTP Site ===== | ===== Adding FTP Site ===== | ||
| Line 146: | Line 149: | ||
| Start WinSCP. [[ui_login|Login Dialog]] will appear. On the dialog: | Start WinSCP. [[ui_login|Login Dialog]] will appear. On the dialog: | ||
| * Select //FTP// protocol and //TLS/SSL Explicit encryption//. | * Select //FTP// protocol and //TLS/SSL Explicit encryption//. | ||
| - | * Enter your Windows server hostname to //Host name// field. Avoid using an IP address to allow WinSCP to verify that the host name matches with host the server's certificate was issued to (not applicable to self-signed certificates). | + | * Enter your Windows server hostname to //Host name// field. Avoid using an IP address to allow WinSCP to verify that the hostname matches with host the server's certificate was issued to (not applicable to self-signed certificates). |
| - | * Specify username and password of Windows account you want to connect with (when using domain accounts, you need to specify full username with format ''domain\username''). | + | * Specify username and password for Windows account you want to connect with (when using domain accounts, you need to specify a full username with format ''domain\username''). |
| * You may want to [[session_configuration#site|save your session details]] to a site so you do not need to type them in every time you want to connect. Press //Save// button and type site name. | * You may want to [[session_configuration#site|save your session details]] to a site so you do not need to type them in every time you want to connect. Press //Save// button and type site name. | ||
| * Press //Login// to connect. | * Press //Login// to connect. | ||