I set up an FTP server within IIS. The data channel port range is set to 5000-6000 and the "External IP address of firewall" is set to the correct public IP address. In the Azure firewall for this VM ports 20,21 and 5000-6000 are all open. I have temporarily disabled the firewall within the Windows VM while I try to get this to work.
If I connect from FileZilla without using SSL then everything is ok. If I connect with SSL then the below happens (I have changed a username and IP address to xx's)
Status: Connecting to x.x.x.x:21...
Status: Connection established, waiting for welcome message...
Response: 220 Microsoft FTP Service
Command: AUTH TLS
Response: 234 AUTH command ok. Expecting TLS Negotiation.
Status: Initializing TLS...
Status: Verifying certificate...
Status: TLS connection established.
Command: USER xx
Response: 331 Password required
Command: PASS ************
Response: 230 User logged in.
Command: OPTS UTF8 ON
Response: 200 OPTS UTF8 command successful - UTF8 encoding now ON.
Command: PBSZ 0
Response: 200 PBSZ command successful.
Command: PROT P
Response: 200 PROT command successful.
Status: Logged in
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: TYPE I
Response: 200 Type set to I.
Command: PASV
Response: 227 Entering Passive Mode (x,x,x,x,237,114).
Command: LIST
Response: 150 Opening BINARY mode data connection.
Error: Connection timed out after 20 seconds of inactivity
Error: Failed to retrieve directory listing
Status: Disconnected from server
If I connect to the server without using SSL then this issue isn't there, the files get listed plus I can upload files and everything works OK.
