Score:-1

I can access FTP site from Windows 10 Host Pc but not from my Virtual Machine on VMWare

my flag

On my host PC with Windows 10 I installed IIS + FTP Service (NOT FTP Extensibility). Using WinSCP software I can access this FTP site from my public static IP. I cannot access my FTP site if it is hosted on virtual machine (Windows Server 2019) on VMWare Workstation. I can access the FTP site from virtual machine only when I turn private firewall off on that VM. I have forwarded port 21 (TCP) on my home router to Virtual machine. I tried both Bridge and NAT network on my virtual machine but on both setting FTP is available only when I turn private firewall off. What additional setting do I need to do so that I can run live FTP site on my virtual machine?

vidarlo avatar
ar flag
Don't use FTP. It's an archaic 40 year old protocol. Use a sane, modern, alternative, such as HTTPS, SFTP, HTTPS+WEBDAV or similar. There's **no** reason to use FTP.
Hemendr avatar
my flag
Thanks @vidarlo , I will try with SFTP
Score:0
bz flag

These are the things I would check:

  • Is the VM using bridged networking? If not, switch to it so that your VM isn't behind a second VMWare virtual router doing NAT that would also need to be forwarding ports. So unless you only have one IP, which I don't think you have because you mention a home router, switch the VM network mode to bridged first and see what happens.

  • FTP is a funky protocol that in its original "active" form will have the server try to open a port back to the client when you connect. This requires all the firewall/NAT systems in between client and server to understand the protocol and dynamically allow the traffic. Later a "passive" mode was added to the FTP protocol. It had the client connecting to the server twice instead. At one point you had to know this and instruct the client to request passive mode. Modern GUI FTP clients seem to understand this and will try passive as well before giving up. So ideally use passive FTP or at least test with it as well if you can explicitly specify that in the client.

Bonus thoughts:

  • Do you need to use FTP? If you are only serving up files for the world, it's great. But if you are authenticating users and/or allowing people to PUT things up, you might want to look at SFTP. It encrypts the authentication handshake and all traffic between client and server. It also all runs through a single port so it is easy to forward or tunnel as needed.
  • In my experience, running public facing HTTP or FTP services on Windows is not a very secure choice. Since you have VMWare, you have all sorts of options for other operating systems that have better track records for surviving on the internet.
Hemendr avatar
my flag
Thanks @Amos, I tried both bridge and NAT. I am just learning to use FTP so doing some practical labs on it using VMWare.
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.