best business builder

Amazon AWS: Setting up FTP on EC2 Windows Instances

After reading this article, you will be able to successfully FTP to a running Amazon AWS EC2 Windows instance without an elastic IP.


First, create a windows instance in Amazon AWS Management Console. Once the instance is accessible, we will need to change some settings:

  1. In AWS, select “Security Groups” from the left-hand menu.
  2. Select the name of the security group for the instance you just created
  3. In the window at the bottom of the screen select the “Inbound” tab from the small frame.
  4. Pick “Custom TCP Rule” from the “Create a new rule” dropdown.
  5. Enter 50000-51000 in the port range field.
  6. In the source field, use discretion. Leaving the field at will allow all. That may be ok depending on your intended use, I’m using it as a disposable server, so I’m not going to get into security in this article.
  7. Select “Add Rule” and the “Apply Rule Changes” (Make sure you do both!!!).
  8. Now repeat the steps 4-7 for port 21.

We are now done setting up the security groups in AWS, let’s setup FileZilla Server. (You can setup any type of FTP server you want, I prefer FileZilla because it is free, rock-solid, and highly configurable. If you want to use something else, just apply the same settings.

  1. Install FileZilla Server on the Amazon Instance (after remoting in) and log into the server interface. (You will have to enable downloads in IE to download FileZilla from their website. )
  2. Click the settings icon on the interface.
  3. On the general settings tab, “Listen on these ports:” will be defaulted to 21. Just leave it.
  4. Select the “Passive mode settings” from the tree on the left.
  5. Place a check mark next to “Use custom port range” and set the port range to “50000-51000”.
  6. Now get your “Public DNS Name” from the Amazon AWS console. Your IP address will be in the Public DNS Name, or you can ping the DNS name to have it resolved for you. (you may be able to use the Public DNS Name, I don’t see why it wouldn’t work, but I personally use the IP instead.
  7. Enter the IP into the “Use the Following IP” field on FileZilla’s “Passive mode settings” screen.
  8. Now follow the instructions that come with FileZilla to setup a group and a user.

Now we are at the final step. You will now need to adjust the Windows Firewall settings to allow the ports we allowed in the AWS Security Group.

    1. On the instance open “Windows Firewall with Advanced Security”.
    2. Now click on “Inbound Rules” on the left-hand pane.
    3. Click on “New Rule” in the right-hand pane.
    4. You should really use the “Program” option***, but I’m going to use the port option and then click next.

***As I said before, I’m not going to cover the topic of security, I’m sure someone will tell you to never do it this way, but this is the way I need it for the testing I’m doing.

  1. Select TCP and the “Specific local ports” option and enter 50000-51000 and press next.
  2. Select “Allow the connection” and press next.
  3. Leave all three options checked and press next.
  4. Type a name for your rule and hit finish. Then repeat these steps for port 21.

And you are done! Go ahead and connect with your favorite FTP client.

one click social media designs

Leave a Reply

Your email address will not be published. Required fields are marked *