In this tutorial I am going to show on how to enable FTP connection to a Windows Azure VM. First we will create a brand new VM, then we enable FTP Server in it. Then we open TCP ports (Data and Control Ports) for FTP communication and add inbound rules in firewall. As the third step we are going to create an FTP site as communication channel and associate public IP to it. Finally we test it using FileZilla client and verify FTP Connection.
Lets get start by creating a VM -
Then download RDP file, so that we can logon to it remotely and enable FTP Server.
Click on RDP file which got downloaded and enter username and password. VM will be opened remotely as shown below. Click on “Add Roles and Features”
now in opened “Add Roles and Features Wizard”, navigate to “Server Roles” and select “Web Server (IIS)”. This will prompt to “Add features that are required for Web Server (IIS)?”. Select “Add Features”.
Now navigate to “Role Services” under “Web Server Roles (IIS)” and select FTP Server Checkbox as shown below.
After selecting FTP Server, Click Next and the click Install.
Once installation done, click Close.
Now we need to add necessary ports for control and data channels. We are going to use 2500 port for Control port and 10000-10001 ports for Data ports. We will do that using Azure Powershell Cmdlets.
First download Azure tools from – http://go.microsoft.com/?linkid=9811175&clcid=0x409. Then run the Windows Azure Powershell (as administrator).
To run Azure Cmdlets, we need othave subscriber publishsettings. To download publsihsettings from Azure visit the following link – https://windows.azure.com/download/publishprofile.aspx. IMPORTANT: To run below Cmdlets, save the publishsettings file in C drive.
Now run following commands one by one in the order -
Select-AzureSubscription –SubscriptionName ‘Your subscription Name’
$vm = Get-AzureVM ‘VM Name’
Add-AzureEndpoint -VM $vm -Name “control” -Protocol “tcp” -PublicPort 2500 -LocalPort 2500
Add-AzureEndpoint -VM $vm -Name “ftp” -Protocol “tcp” -PublicPort 10000 -LocalPort 10000
Add-AzureEndpoint -VM $vm -Name “ftp1″ -Protocol “tcp” -PublicPort 10001 -LocalPort 10001
$vm | Update-AzureVM
UPDATE 2/24/2017 – If we do not want to use Azure PowerShell and add the ports, then in new Azure Portal we can add it to VM’s Network Security Group as shown below.
Once the ports are added Azure portal should reflect those changes as show below.
Now lets go back to our Remote Connection to VM to create new FTP Site. Open Internet Information Services(IIS) Manager.
enter “myftp” as site name and then map it to C drive. Click Next.
enter port as 2500 and disable SSL. Click Next.
Select Basic Authentication, and allow access for ALL USERS with READ/WRITE permissions. Click Finish.
Now click on Server name and then FTP Firewall support icon as shown below.
Enter 10000-10001 port range and click on apply.
Now select Myftp site and click on “FTP Firewall Support”. Keep it open, as we need to find the Virtual IP Address of the VM and enter it into here. To get VIP address, check next step in this tutorial.
Now get back to Azure and check the VIP address as shown below.
Enter the VIP address in the above step and click apply.
As a next step we need to create InBound Rules for the allowed Control and Data ports in the Firewall. Open “Windows Firewall with Advanced Security”. Right click InBound Rules and select “New Rule…” as shown below.
Select Port. Click Next.
Enter port range as “10000-10001” and click next.
Select “Allow the connection”. Click Next.
Select Domain, Public and Private. Click Next.
Enter “dataports” as the name and click finish.
Similarly repeat the same process of port 2500 and name it as “controlport”.
Once all the above steps are done, we need to restart “Microsoft FTP Service”. For that open Run (using Windows button + R) and enter services.msc and click enter.
In the Services pane, right click on Microsoft FTP Services and select Restart.
Once restarted. We can use FileZilla to connect to our FTP Server in our VM. Connected successfully.