Allowing Passive FTP to IIS via NAT

When running an FTP server on Microsoft Internet Information Server (IIS) behind a NAT device (such as most broadband routers) you may encounter a situation where passive FTP connections hang and no data is returned to the client. Before you proceed, ensure the directions of Microsoft's KB555022 article have been followed to set a defined range for the passive FTP ports. Next verify the selected port range is opened for the TCP protocol from the public interface IP address of your router to the internal IP address of the server running FTP.

This article describes how to fix passive FTP in the above situation.

Tested on Windows Server 2003.

Ensure you log into an account with Administrative rights and download the following registry file:

Windows Registry Editor Version 5.00

Double-click the downloaded .reg file and click Yes to confirm you wish to add the settings to your registry. You should then receive a message indicating the information has been successfully imported.

Restart the Application Layer Gateway Service by going to Start→Run and typing cmd to open a command prompt then typing:

net stop alg
net start alg

Connect to your FTP server using a client (such as FileZilla) and test that passive mode is now supported.