How to set up FTP on Azure VM
You need to add an additional port range, which the ftp server will choose from for each ftp connection.
You'll need to create a bunch of input endpoints, each representing one of the ports in the specified port range. Note that you have a limited number of input endpoints (not sure of the exact number, but you should easily be able to open, say, 50 input endpoints in contiguous ports). Then just set up the ftp server to use that same range. Also, you'll want to map the input endpoint public port to the same private port number, otherwise connections won't be created properly.
After straggling for a while with the 15-points list above, I got the message MS are trying to pass - "No (easy) FTP for you"...
So I went back to the good-old & open Linux world - set up an SCP server using Cygwin. You even get a remote shell as a bonus...
1) Run the Cygwin installer - https://cygwin.com/setup-x86.exe
2) In 'Select Packages' search for
- cygrunsrv (select the one under 'Admin')
- openssh (select the one under 'Net)
3) When done, start the Cygwin Terminal, and type:
ssh-host-config -y -pwd S0me-Str0ng-pa55w0rd
cygrunsrv -S sshd
4) From the Azure VM add an SSH endpoint
5) In Windows FireWall, add Inbound Rule for TCP port 22
And viola - you can connect using WinSCP, Notepad++ and Putty of course...
Notes:
- Unix is case sensitive, so type your user in exact case, e.g. Administrator with capital A
- Your drives are under /cygdrive (c:\ is at /cygdrive/c etc)
Good luck!
There's a great walkthrough from July 2012 'Hosting FTP on IIS 7.5 in a Windows Azure VM' by Ronald Wildenberg about this. He echoes David's answer. These are the stages he goes through:
- First of all, you need a virtual machine. I needed a Windows machine with a SQL Server database so I chose 'Microsoft SQL Server 2012 Evaluation Edition' from the available templates.
- Once the machine has booted, you can RDP into it via the connect option at the bottom of the management portal.
- When you're in, you need to configure IIS. A summary of the required steps:
- Add the 'Web Server (IIS)' role to the server.
- Add the IIS features you need.
- Add a TCP endpoint to your VM in the management portal with public and private port 80.
- To enable FTP, make sure you enable the 'FTP Server' role services for your IIS role:
- The next step is to create the actual FTP site in IIS. Right-click on 'Sites' in IIS Manager and select 'Add FTP Site…'
- Specify the name and the local path for the site:
- Specify binding and SSL information:
- And finally specify who should have access to the FTP site.
- You should now be able to access the FTP site from within the VM. Open a command prompt, type
ftp 127.0.0.1
and login - For active FTP you need to allow access to ports 21 (FTP command port) and 20 (FTP data port) so you need to add two endpoints to your VM
- to configure passive FTP. For this to work, we need to tell the IIS FTP server the port range it can use for data connections and we need to add endpoints to the VM that correspond to this port range.
- configure the port range and external IP address for passive data connections. This can be found in IIS Manager
- The external IP address should be the Virtual IP address you can find in the Azure Management portal.
- If you cannot specify the data channel port range in the IIS Manager use the appcmd utility, which can be found in
%windir%\system32\inetsrv
:appcmd set config /section:system.ftpServer/firewallSupport /lowDataChannelPort:7000 /highDataChannelPort:7014
- You could specify all 15 new endpoints in the Azure portal but that would take ages so use the Windows Azure Powershell cmdlets.
- download the publish settings file. One way is to start Windows Azure Powershell and use the cmdlet 'Get-AzurePublishSettingsFile'. It opens a browser and allows you to download the publish settings file that corresponds to your Windows Live id.
- When you have downloaded the publish settings file, you can import it using the 'Import-AzurePublishSettingsFile' cmdlet and we’re ready to start adding endpoints.
- I simply created a text file containing the list of commands I wanted to run and copied that into the Powershell window:
Get-AzureVM -ServiceName 'myServiceName' -Name 'ftpportal' | Add-AzureEndpoint -Name 'FTPPassive00' -Protocol 'TCP' -LocalPort 7000 -PublicPort 7000 | Update-AzureVM
where 'myServiceName' is the name of my cloud service and 'ftpportal' is the name of my virtual machine. - Although the Windows firewall seems to allow all traffic that is required, you also need to enable stateful FTP filtering on the firewall:
netsh advfirewall set global StatefulFtp enable
- restart the FTP Windows service and we should be up and running:
net stop ftpsvc
net start ftpsvc
It's worth following these steps in the original article not least because he includes useful screenshots for each step, but I thought it was worth quoting extensively here just-in-case. The article also mentions Active FTP vs. Passive FTP, a Definitive Explanation as worth reading.
It would be great if I could report that after following these steps your Azure VM based FTP server will be working and accessible. But unfortunately the steps above did not fix it for me :-(
If you don't mind using FileZilla FTP Server,
Here is what i did, to enable FTP connection to my VM.
- Go to Azure VM (manage.windowsazure.com), and add 2 endpoints:
- Name: FTP (Protocol TCP, Public Port 21, Private Port 21)
- Name: FTP Passive (Protocol TCP, Public Port 60000, Private Port 60000)
- Go back to VM (via RDP), Open connection for port 21, and 60000 on Windows Firewall inbound rule.
- Download and open FileZilla Server.
- Click Edit -> Users and add user and shared directory as needed.
- Click Edit -> Settings. On the sidebar click Passive Mode Settings.
- Check "use custom port range" and enter 60000 - 60000
- On ip4specific part, select radio button "use the following ip", and enter your xxxx.cloudapp.net.
- Save, and run the server. That's it, you can now connect to FTP from outside of VM.
Hope it helps someone.
Cheers