FIX: FTP passive mode support for firewall scenarios (810639)


The information in this article applies to:

  • Microsoft Internet Information Services 5.0, when used with:
    • Microsoft Windows 2000 Advanced Server SP3
    • Microsoft Windows 2000 Advanced Server SP2
    • Microsoft Windows 2000 Advanced Server SP1
    • Microsoft Windows 2000 Server SP3
    • Microsoft Windows 2000 Server SP2
    • Microsoft Windows 2000 Server SP1
CPR - Win2000 - Hotfix in SP4
Important This article contains information about how to modify the registry. Make sure to back up the registry before you modify it. Make sure that you know how to restore the registry if a problem occurs. For more information about how to back up, restore, and modify the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows registry

SYMPTOMS

If you must use the Microsoft FTP server (included with Internet Information Services (IIS) 5.0) in passive mode between firewalls, you can fix the range of TCP ports that the server uses for the data channel.

RESOLUTION

A supported feature that modifies the default behavior of the product is now available from Microsoft, but it is only intended to modify the behavior that this article describes. Apply it only to systems that specifically require it. This feature may receive additional testing. Therefore, if you are not severely affected by the lack of this feature, we recommend that you wait for the next Microsoft Windows 2000 service pack that contains this feature.

To obtain this feature immediately, download the feature by following the instructions later in this article or contact Microsoft Product Support Services. For a complete list of Microsoft Product Support Services telephone numbers and information about support costs, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support

The English version of this hotfix has the file attributes (or later file attributes) that are listed in the following table. The dates and times for these files are listed in Coordinated Universal Time (UTC). When you view the file information, it is converted to local time. To find the difference between UTC and local time, use the Time Zone tab in the Date and Time tool in Control Panel.
   Date         Time   Version        Size     File name
   -------------------------------------------------------
   05-Dec-2002  14:34  5.0.2195.6154  118,032  Ftpsvc2.dll
   13-Nov-2002  14:36  5.3.10.0         4,096  Spmsg.dll
   05-Dec-2002  14:42                   7,409  Q810639.cat

Warning Serious problems might occur if you modify the registry incorrectly by using Registry Editor or by using another method. These problems might require that you reinstall your operating system. Microsoft cannot guarantee that these problems can be solved. Modify the registry at your own risk.

The code change in this hotfix honors a registry setting. To define the port range that you want the FTP service to use, follow these steps:
  1. Start Registry Editor.
  2. Locate the following registry key:

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSftpsvc\Parameters

  3. Add a value that is named PassivePortRange of type REG_SZ.

    Note If the PassivePortRange value exists, the range that FTP will validate is from 5001 to 65535. However, you can use either a range or a single number.

REFERENCES

For more information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the following article number to view the article in the Microsoft Knowledge Base:

265173 The Datacenter program and Windows 2000 Datacenter Server product

For more information about how to install multiple hotfixes with only one reboot, click the following article number to view the article in the Microsoft Knowledge Base:

296861 How to install multiple Windows updates or hotfixes with only one reboot

Modification Type:MinorLast Reviewed:2/14/2006
Keywords:kbHotfixServer kbQFE kbWin2000sp3fix kbWin2000preSP4Fix kbWin2000PreSP3Fix kbfix kbbug KB810639
©2004 Microsoft Corporation. All rights reserved.