Passive FTP need port range in load balancer rule

Danny 21 Reputation points
2020-09-22T23:37:31.057+00:00

I have an FTP server that the only cost effective way i can see to forward FTP traffic in Azure is through a load balancer. Once i had it set up, it only allows me to add one port to a rule. I have a passive range set up so i need a range of ports. If there is another way to forward FTP traffic, let me know. If the load balancer is the best option, is there a way to add a port range to a rule, and if so what is the syntax? Thank you

Azure Load Balancer
Azure Load Balancer
An Azure service that delivers high availability and network performance to applications.
399 questions
Accepted answer
  1. GitaraniSharma-MSFT 47,011 Reputation points Microsoft Employee
    2020-09-23T01:48:55.833+00:00

    Hello @Danny ,

    Using Azure Load balancer seems to be the best way to forward FTP traffic in Azure but there is no way to add a port range in load balancing rules. You need to create rules for each of those ports in Load balancer individually. For example, if you configure port 65520 to 65530 in Passive mode, then you need to create rules for those ports in Load balancer so that it forwards the traffic to the backend server.

    Test case: If I have opened ports 10001-10005 in Passive mode, then I need to add ports 10001-10005 in my Load balancer rules as below:
    26711-lbrules.jpg

    Please refer to the below similar issue : https://social.msdn.microsoft.com/Forums/en-US/70ebbb08-6f02-46a8-ae5c-2ffac8e83b27/ftp-outbound-behind-load-balancer?forum=WAVirtualMachinesforWindows

    Kindly let us know if the above helps or you need further assistance on this issue.

    ----------------------------------------------------------------------------------------------------------------

    Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Robert Franks 1 Reputation point
    2021-09-15T15:22:34.147+00:00

    I'm running into this same situation where our FTP server uses port 21 as usual, and the data channels (passive) uses a range of 100 ports. I had to add all 100 ports into the ELB as separate LB rules.
    This seems to work fine for more intelligent FTP clients like FileZilla or WinSCP, but when I connect using the built-in Windows FTP client, it connects ok, but completely hangs when I try to run a dir or ls command. I've heard that Windows FTP client doesn't use passive FTP at all? Just active? I would think that would mean it always uses port 21, but have also heard that may not be the case also? Any knowledge on this?