Windows Firewall: Blocking access to port 21 except for 1 IP.


Recommended Posts

Hello,

I have been trying to block FTP access completely except the one IP eg. 202.5.58.xx.

so that users could only access FTP server on that server only. problem is windows firewall do not have exception or i cant find it. it just completely blocks all port 21. including the one i want to allow.

i remember using sygate or kerio firewall in which i defined exception for the certain ip. but this option no where to be found in windows firewall.

Link to comment
Share on other sites

Can't do it with Windows Firewall.

Two options:

1) Use a different firewall

2) Set the limit on the FTP server. If you used Filezilla Server, for example, you can do exactly what you want.

Easiest fix, though, to stop someone from accessing the server is to set it as a completely different port (just make something up) and use a difficult password.

Link to comment
Share on other sites

actually the server i want to allow access is not configured by me its a web-hosting ftp server. so i cannot change the port or settings..

is there a firewall which integrate with AD. ??

Link to comment
Share on other sites

I just don't want any un-authorised data uploaded to any where .. i have restricted online storages , cloud storages. etc. and i did blocked port 21 of FTP completely.. but recently i have to allow ftp access to only one host only.

Link to comment
Share on other sites

And again why would you do that each client?? You would do that at your firewall/gateway between your network and the internet. Not each freaking client -- thats just insane!

Link to comment
Share on other sites

because i want these setting on only 2 computers on domain. only 2 computers are allowed to access ftp on whole domain.

I do not have a separate gateway server just a router connected directly to the network.

Link to comment
Share on other sites

And yeah your router should be able to do it!! You don't block something at every single client in a network -- you block and allow things at the borders of your network.

Which router do you have -- I would be very surprised if you could just allow access to this server from only the clients you want. Unless its some really really crappy home router sort of thing. Your at business right?? Then your router should be atleast a smb class router.. If it is a bs home router -- then you could put some 3rd party on it and get this most basic of features.

Your out of your mind if you think installing some third party software on each of your machines, or even configuration of built in software firewall is the correct method to control flow in and out of your network.

What make/model router do you have? And we can see what features it has.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.