Install IIS role on the server. I made sure this server was off domain and in our DMZ with a single NIC. A static NAT was created on the firewall to give it an external address and limit the port access to only TCP Port 990. I have added a wild card certificate to the servers Local Computer Personal Certificate store.
Once IIS was installed, open IIS Management console from the server. Right click the server and select “Add FTP Site…”
Give the site a name and click Next.
Select the highlighted options. Note, I have allocated the wildcard cert from earlier to this site. Click Next.
Select the highlighted options and click Finish.
This is what the site should look like.
Double Click the FTP Directory Browsing and ensure the following option is selected. Double click the site to get back.
Double Click the FTP SSL Settings and ensure the following option is selected. Double click the site to get back.
Prevent users browsing outside their folders by the following settings under FTP User Isolation. Double click the site to get back.
Open local users and groups in computer manager:
Right click and create a new user:
Note I made the account password to never expire and the user cannot change it.
Make sure the password is Complex!!
Go in to the new users properties and make them a member of FTP Users:
You need to create the users home folder so that they can connect to their FTP storage!
Go in to the folder properties and add the new user to the permissions list granting modify access:
Test the connection using Filezilla:
Template email to new users
Connection requires an FTP client such as Filezilla as IE does not support secure FTP connections. Here is connection details that are needed:
- Site: ftp.aaa.co.uk
- Port: 990
- Protocol: FTP
- Encryption: Implicit FTP over TLS
When you first connect, you will be asked to accept the certificate; please do so.
Here is the FTP account details for xxx:
- Username: XXXXXX