Introduction
After reading this article, you will be able to successfully FTP to a running Amazon AWS EC2 Windows instance without an elastic IP.
Background
Amazon AWS offers a year of free instances to some great Windows 2008 virtual machines. This tool is awesome for anyone wanting to test code in the Windows 2008 environment
but would rather not utilize their production machines. The documentation for some
critical tasks in AWS leave a little to be desired though. A quick Google
search turned up no detailed tutorial for setting up FileZilla (or any FTP
Server) on a Windows instance. So I decided to write it!
Using the article
First, create a windows instance in Amazon AWS Management
Console. Once the instance is accessible, we will need to change some settings:
- In AWS, select “Security
Groups” from the left-hand menu.
- Select the name of
the security group for the instance you just created
- In the window at the
bottom of the screen select the “Inbound” tab from the small frame.
- Pick “Custom TCP Rule”
from the “Create a new rule” dropdown.
- Enter 50000-51000 in
the port range field.
- In the source field,
use discretion. Leaving the field at 0.0.0.0/0 will allow all. That may be ok
depending on your intended use, I’m using it as a disposable server, so I’m not
going to get into security in this article.
- Select “Add Rule” and
the “Apply Rule Changes” (Make sure you do both!!!).
- Now repeat the steps
4-7 for port 21.
We are now done setting up the security groups in AWS, let’s
setup FileZilla Server. (You can setup any type of FTP server you want, I
prefer FileZilla because it is free, rock-solid, and highly configurable. If
you want to use something else, just apply the same settings.
- Install FileZilla Server
on the Amazon Instance (after remoting in) and log into the server interface. (You
will have to enable downloads in IE to download FileZilla from their website. )
- Click the settings
icon on the interface.
- On the general
settings tab, “Listen on these ports:” will be defaulted to 21. Just leave it.
- Select the “Passive
mode settings” from the tree on the left.
- Place a check mark
next to “Use custom port range” and set the port range to “50000-51000”.
- Now get your “Public
DNS Name” from the Amazon AWS console. Your IP address will be in the Public
DNS Name, or you can ping the DNS name to have it resolved for you. (you may be
able to use the Public DNS Name, I don’t see why it wouldn’t work, but I personally
use the IP instead.
- Enter the IP into the
“Use the Following IP” field on FileZilla’s “Passive mode settings” screen.
- Now follow the
instructions that come with FileZilla to setup a group and a user.
Now we are at the final step. You will now need to adjust
the Windows Firewall settings to allow the ports we allowed in the AWS Security
Group.
- On the instance open “Windows
Firewall with Advanced Security”.
- Now click on “Inbound
Rules” on the left-hand pane.
- Click on “New Rule”
in the right-hand pane.
- You should really use
the “Program” option***, but I’m going to use the port option and then click
next.
***As I said before, I’m not going to
cover the topic of security, I’m sure someone will tell you to never do it this
way, but this is the way I need it for the testing I’m doing.
- Select TCP and the “Specific
local ports” option and enter 50000-51000 and press next.
- Select “Allow the
connection” and press next.
- Leave all three
options checked and press next.
- Type a name for your
rule and hit finish. Then repeat these steps for port 21.
And
you are done! Go ahead and connect with your favorite FTP client.
Points of Interest
This is my first CodeProject article, so go easy on me!