How to allow FTP server in Windows firewall
The built in Microsoft Windows firewall is an add-on service to Windows operating systems such as Windows XP, Vista and Windows 7. It helps protect your computer from unauthorized access while enabling you to configure which Windows services or applications you will allow pass-through to the firewall. This tutorial focuses on the basic FTP and Windows firewall configuration to allow Internet and Intranet users to access your FTP server.
My assumption here is that you already have properly configured Windows FTP service and your computer has a built-in Windows firewall turned on. Your computer is connected on a Local Area Network environment or directly connected to the Internet with assigned public IP address.
After configuring the FTP service, you were not able to access it during testing using another computer on your network. Or maybe you asked your friend connected to the Internet to access your FTP via a URL IP address, however the FTP site is inaccessible. The error message is Internet Explorer Cannot display the webpage.
Now, here is the step by step procedure on how to allow Internet users to access your FTP service/server.
Basic Background on Firewall
Inbound direction is the traffic coming from another computer, connected to a LAN or Internet users, to your computer. By default, only a few inbound ports are open.
Outbound is the traffic coming from your computer to a computer connected to a LAN or to a computer connected to the Internet. By default, your computer can access computers connected to a LAN or thru the Internet. Example is Google’s server www.google.com.
Add the FTP to the Exceptions
You’ll have to add the FTP service port number to the exception list. This simply means that you are telling the Windows firewall not to block the inbound FTP port number from which the Windows FTP service is running. By default, port 21. You’ll have to use the correct port number if you changed the it.
Click Start button, point and click Control Panel icon. From there, double click Windows Firewall Icon as shown in the figure below.
From the Control Panel, double click Windows Firewall icon.
And then click Exceptions tab.
Click Add port.
From the 'Add a port' window, type FTP for Name or whatever name you want. And then type 21 for the Port number. If you configured your FTP to run on a different port, type the correct port number.
You'll notice that the the new exception with the Name you entered will appear on the list. Click Ok button to complete the process.
Now, you'll have to configure and bind your FTP service to which particular network interface it should be running. You can allow it to run on a multiple network interface. In this tutorial, I'll allow the FTP service and bind it to my public/Internet connection network interface (Reserve PCI).
From the Windows Firewall window, click Advanced tab.
Select the network interface from which you'll allow the FTP service. In this case, the 'Reserve PCI' interface is my connection to the Internet. This means that I am allowing Internet users to access my FTP service.
Click Settings button.
On the Service Settings window, just simply click Ok. Click Ok to close the Windows Firewall dialogue boxes.
Now, you're ready to test your FTP server for public/Internet user access.
If you have questions, please leave your comments.