Anyone know where or how to define the data ports that FTP and FTP/s use?
Under normal FTP 21 is the command port and 20 is the data port.
But when setting up a webMethods FTP or FTP/s listener port under IS 6.5 there is only a single port entry box, which is the command port. There is no entry box for the data port.
The issue is that unless we can restrict IS to use a specific data port, we can’t set up Firewall rules to allow connections in from the outside.
For normal FTP would would just say, allow xx.xx.xx.xx IP address to connect to server xyz on ports 20 and 21, then tell the client to use passive mode. And this works fine.
But unless I can tell IS to use a specific data port for each FTP and FTP/s connection, or at least find some way of finding out what IS is using, then we can’t configure the Firewall to allow the connections in.
I have seen the extended setting such as ‘watt.net.ftpPassivePort.max’, but these seem to be global settings rather than per listening port, plus is it safe to set both ‘watt.net.ftpPassivePort.max’ and ’ watt.net.ftpPassivePort.min’ to the same port number to restrict it to use only one port? (In the same way normal FTP works).
I’ve used a TCP/IP sniffer to see what actually happens, and IS seems to start using a port higher than the command port, but then keeps incrementing by one for each data connection (‘ls’, ‘get’, ‘put’ etc).
Ideally I’d like to be able to specify that the data ports always be one higher, or lower, than the command port for each listening port.
Thanks in advance for any help.