You have to set up the following three servers to allow site-to-site transfers.
Requirements: MS IIS 5.0 with
Windows 2000 SP1 or later
Information provided by Microsoft
Using regedit.exe add the following registry key (DWORD value)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MSFTPSVC\Parameters\
EnablePortAttack=1
Warning: This DOES open your system to a port attack. Microsoft discourages this.
To support FXP when connecting as a user place
"AllowForeignAddress on" in the Global or VirtualHost context.
To support FXP when connecting as anon you must place "AllowForeignAddress
on" in the Anonymous context.
The config will happily support "AllowForeignAddress on" in multiple places within the config. You may need to add the following "PassivePorts 49152 65534"
Requirements: wu-ftpd 2.6.0
/etc/ftpaccess
First, you need to add an additional class for users that are allowed to do FXP (unless you just want to use the predefined class "all"). If you add a new class, this line MUST be before the catch-all class "all", or the client will match class "all" first.
The line is of the form:
class {ArbitraryClassName} {AccessTypes} {HostAddrs}
[HostAddrs]
Then you add lines to allow PASV and PORT commands to hosts whose IPs don't match the client (to allow FXP)
These lines are of the form:
port-allow {ArbitraryClassName} {HostAddrs}
pasv-allow {ArbitraryClassName} {HostAddrs}
Example
class newclass real,guest,anonymous
*.mydomain.net
*.more.client.addresses.com
class all real,guest,anonymous *
port-allow newclass
0.0.0.0/0
pasv-allow newclass 0.0.0.0/0
This basically adds a new class (creatively called "newclass") - note that it appears BEFORE the line containing the class "all" - this new class contains all hosts in the subdomains mydomain.net and more.client.addresses.com (domains obviously made up by yours truly), in order to limit who we will allow to do FXP. The port-allow and pasv-allow lines basically allow FXP connections to anywhere if your client is in the class "newclass".