Differences

This shows you the differences between the selected revisions of the page.

2018-02-19 2018-02-19
Restored revision 1515754610. Undoing revision 1519043627. (martin) (hidden) no summary (172.196.13.242)
Line 73: Line 73:
===== [[certificate]] Creating Certificate for the FTPS Server ===== ===== [[certificate]] Creating Certificate for the FTPS Server =====
-You need a TLS/SSL certificate to secure your FTPS server. Ideally you should acquire the certificate from a certificate authority.+You need a TLS/SSL certificate to secure your FTP server. Ideally, you should acquire the certificate from a certificate authority.
You may also create a self-signed certificate locally, but in such case users of your FTPS server [[tls#certificate|will be warned]], when connecting to the server. You may also create a self-signed certificate locally, but in such case users of your FTPS server [[tls#certificate|will be warned]], when connecting to the server.
Line 92: Line 92:
  * Specify your server's external IP address. \\ For [[guide_azure_ftps_server|Microsoft Azure Windows servers]] you will find the external IP address in //Public IP address// section of the virtual machine page.   * Specify your server's external IP address. \\ For [[guide_azure_ftps_server|Microsoft Azure Windows servers]] you will find the external IP address in //Public IP address// section of the virtual machine page.
-When behind an external firewall, you need to open ports for data connections (obviously in addition to opening an %%FTP%% port 21 and possibly an implicit TLS/SSL %%FTP%% port 990). You won't probably want to open whole default port range 1024-65535. In such case, you need to tell the %%FTP%% server to use only the range that is opened on the firewall. Use a //Data Channel Port Range// box for that. Any time you change this range, you will need to [[#restart|restart FTP service]]. //Learn how to [[guide_azure_ftps_server#firewall|open ports on Microsoft Azure]].//+When behind an external firewall, you need to open ports for data connections (obviously in addition to opening a %%FTP%% port 21 and possibly an implicit TLS/SSL %%FTP%% port 990). You won't probably want to open whole default port range 1024-65535. In such case, you need to tell the %%FTP%% server to use only the range that is opened on the firewall. Use a //Data Channel Port Range// box for that. Any time you change this range, you will need to [[#restart|restart FTP service]]. //Learn how to [[guide_azure_ftps_server#firewall|open ports on Microsoft Azure]].//
Click //Apply// action to submit your settings. Click //Apply// action to submit your settings.
Line 102: Line 102:
===== [[window_firewall]] Windows Firewall Rules ===== ===== [[window_firewall]] Windows Firewall Rules =====
-An internal Windows firewall is automatically configured with rules for the ports 21, 990 and 1024-65535, when %%IIS%% %%FTP%% server is installed.+An internal Windows firewall is automatically configured with rules for the ports 21, 990 and 1024-65535 when %%IIS%% %%FTP%% server is installed.
The rules are not enabled initially though some versions of Windows.((The rules are enabled initially on Windows Server 2016.)) &win2016 To enable or change the rules, go to //Control Panel > System and Security > Windows Firewall//((//Windows Defender Firewall// on Windows 10.))// > Advanced Settings > Inbound Rules// and locate three "%%FTP%% server" rules. &wincp If the rules are not enabled, click on //Actions > Enable Rule//. The rules are not enabled initially though some versions of Windows.((The rules are enabled initially on Windows Server 2016.)) &win2016 To enable or change the rules, go to //Control Panel > System and Security > Windows Firewall//((//Windows Defender Firewall// on Windows 10.))// > Advanced Settings > Inbound Rules// and locate three "%%FTP%% server" rules. &wincp If the rules are not enabled, click on //Actions > Enable Rule//.
Line 112: Line 112:
To restart %%FTP%% service go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //Microsoft %%FTP%% Service// and click //Restart service//.((Try restarting whole system, if a service restart does not help.)) &wincp To restart %%FTP%% service go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //Microsoft %%FTP%% Service// and click //Restart service//.((Try restarting whole system, if a service restart does not help.)) &wincp
 +====== ===== Level 1 Headline =====
 +==== Level 3 Headline ====
 + ======
===== Adding FTP Site ===== ===== Adding FTP Site =====
Line 146: Line 149:
Start WinSCP. [[ui_login|Login Dialog]] will appear. On the dialog: Start WinSCP. [[ui_login|Login Dialog]] will appear. On the dialog:
  * Select //FTP// protocol and //TLS/SSL Explicit encryption//.   * Select //FTP// protocol and //TLS/SSL Explicit encryption//.
-  * Enter your Windows server hostname to //Host name// field.  Avoid using an IP address to allow WinSCP to verify that the host name matches with host the server's certificate was issued to (not applicable to self-signed certificates). +  * Enter your Windows server hostname to //Host name// field.  Avoid using an IP address to allow WinSCP to verify that the hostname matches with host the server's certificate was issued to (not applicable to self-signed certificates). 
-  * Specify username and password of Windows account you want to connect with (when using domain accounts, you need to specify full username with format ''domain\username'').+  * Specify username and password for Windows account you want to connect with (when using domain accounts, you need to specify a full username with format ''domain\username'').
  * You may want to [[session_configuration#site|save your session details]] to a site so you do not need to type them in every time you want to connect. Press //Save// button and type site name.   * You may want to [[session_configuration#site|save your session details]] to a site so you do not need to type them in every time you want to connect. Press //Save// button and type site name.
  * Press //Login// to connect.   * Press //Login// to connect.

Last modified: by 172.196.13.242