Differences
This shows you the differences between the selected revisions of the page.
2018-02-19 | 2018-02-19 | ||
Restored revision 1515754610. Undoing revision 1519043627. (martin) (hidden) | no summary (172.196.13.242) | ||
Line 73: | Line 73: | ||
===== [[certificate]] Creating Certificate for the FTPS Server ===== | ===== [[certificate]] Creating Certificate for the FTPS Server ===== | ||
- | You need a TLS/SSL certificate to secure your FTPS server. Ideally you should acquire the certificate from a certificate authority. | + | You need a TLS/SSL certificate to secure your FTP server. Ideally, you should acquire the certificate from a certificate authority. |
You may also create a self-signed certificate locally, but in such case users of your FTPS server [[tls#certificate|will be warned]], when connecting to the server. | You may also create a self-signed certificate locally, but in such case users of your FTPS server [[tls#certificate|will be warned]], when connecting to the server. | ||
Line 92: | Line 92: | ||
* Specify your server's external IP address. \\ For [[guide_azure_ftps_server|Microsoft Azure Windows servers]] you will find the external IP address in //Public IP address// section of the virtual machine page. | * Specify your server's external IP address. \\ For [[guide_azure_ftps_server|Microsoft Azure Windows servers]] you will find the external IP address in //Public IP address// section of the virtual machine page. | ||
- | When behind an external firewall, you need to open ports for data connections (obviously in addition to opening an %%FTP%% port 21 and possibly an implicit TLS/SSL %%FTP%% port 990). You won't probably want to open whole default port range 1024-65535. In such case, you need to tell the %%FTP%% server to use only the range that is opened on the firewall. Use a //Data Channel Port Range// box for that. Any time you change this range, you will need to [[#restart|restart FTP service]]. //Learn how to [[guide_azure_ftps_server#firewall|open ports on Microsoft Azure]].// | + | When behind an external firewall, you need to open ports for data connections (obviously in addition to opening a %%FTP%% port 21 and possibly an implicit TLS/SSL %%FTP%% port 990). You won't probably want to open whole default port range 1024-65535. In such case, you need to tell the %%FTP%% server to use only the range that is opened on the firewall. Use a //Data Channel Port Range// box for that. Any time you change this range, you will need to [[#restart|restart FTP service]]. //Learn how to [[guide_azure_ftps_server#firewall|open ports on Microsoft Azure]].// |
Click //Apply// action to submit your settings. | Click //Apply// action to submit your settings. | ||
Line 102: | Line 102: | ||
===== [[window_firewall]] Windows Firewall Rules ===== | ===== [[window_firewall]] Windows Firewall Rules ===== | ||
- | An internal Windows firewall is automatically configured with rules for the ports 21, 990 and 1024-65535, when %%IIS%% %%FTP%% server is installed. | + | An internal Windows firewall is automatically configured with rules for the ports 21, 990 and 1024-65535 when %%IIS%% %%FTP%% server is installed. |
The rules are not enabled initially though some versions of Windows.((The rules are enabled initially on Windows Server 2016.)) &win2016 To enable or change the rules, go to //Control Panel > System and Security > Windows Firewall//((//Windows Defender Firewall// on Windows 10.))// > Advanced Settings > Inbound Rules// and locate three "%%FTP%% server" rules. &wincp If the rules are not enabled, click on //Actions > Enable Rule//. | The rules are not enabled initially though some versions of Windows.((The rules are enabled initially on Windows Server 2016.)) &win2016 To enable or change the rules, go to //Control Panel > System and Security > Windows Firewall//((//Windows Defender Firewall// on Windows 10.))// > Advanced Settings > Inbound Rules// and locate three "%%FTP%% server" rules. &wincp If the rules are not enabled, click on //Actions > Enable Rule//. | ||
Line 112: | Line 112: | ||
To restart %%FTP%% service go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //Microsoft %%FTP%% Service// and click //Restart service//.((Try restarting whole system, if a service restart does not help.)) &wincp | To restart %%FTP%% service go to //Control Panel > System and Security > Administrative Tools// and open //Services//. Locate //Microsoft %%FTP%% Service// and click //Restart service//.((Try restarting whole system, if a service restart does not help.)) &wincp | ||
+ | ====== ===== Level 1 Headline ===== | ||
+ | ==== Level 3 Headline ==== | ||
+ | ====== | ||
===== Adding FTP Site ===== | ===== Adding FTP Site ===== | ||
Line 146: | Line 149: | ||
Start WinSCP. [[ui_login|Login Dialog]] will appear. On the dialog: | Start WinSCP. [[ui_login|Login Dialog]] will appear. On the dialog: | ||
* Select //FTP// protocol and //TLS/SSL Explicit encryption//. | * Select //FTP// protocol and //TLS/SSL Explicit encryption//. | ||
- | * Enter your Windows server hostname to //Host name// field. Avoid using an IP address to allow WinSCP to verify that the host name matches with host the server's certificate was issued to (not applicable to self-signed certificates). | + | * Enter your Windows server hostname to //Host name// field. Avoid using an IP address to allow WinSCP to verify that the hostname matches with host the server's certificate was issued to (not applicable to self-signed certificates). |
- | * Specify username and password of Windows account you want to connect with (when using domain accounts, you need to specify full username with format ''domain\username''). | + | * Specify username and password for Windows account you want to connect with (when using domain accounts, you need to specify a full username with format ''domain\username''). |
* You may want to [[session_configuration#site|save your session details]] to a site so you do not need to type them in every time you want to connect. Press //Save// button and type site name. | * You may want to [[session_configuration#site|save your session details]] to a site so you do not need to type them in every time you want to connect. Press //Save// button and type site name. | ||
* Press //Login// to connect. | * Press //Login// to connect. |