*UPDATE* – I always felt this was not the right way to do things but it did work. The right way is to simply add the filezilla server.exe program to a firewall exception as described here
This took me a while to figure out so posting for any future server setups I have to do.
To enable passive mode in FileZilla FTP server on win2003 you need to do the following:
1 – Open a small range of ports in your windows firewall
Firstly make sure port 21 is open.
You can do this under Control Panel -> Windows Firewall -> Exceptions tab -> Add Port
Enter 21 as the port number and FTP as the description ensuring TCP is selected and OK.
Then you need to do the same with a range of ports typically of a much higher number, you can do this using the same approach but that will take a long time to add them, alternatively, create a new textfile called passiveopen.bat and paste in the following:
ECHO OPENING FIREWALL PORTS
FOR /L %%I IN (6500,1,6550) DO NETSH FIREWALL ADD PORTOPENING TCP %%I FTPPort%%I
save then open command prompt (start, run, “cmd” enter)
and type the path and filename of that textfile (E.g. “c:\passiveopen.bat”) which will open the ports 6500 to 6550 for you.
2 – Open the same ports on your router/other firewalls
Depending on your setup you might need to open the same ports on your router and any other hardware and software firewalls you have running.
3 – Tell FileZilla to use those ports for passive mode
In FileZilla server click Edit -> Settings
Select Passive Mode Settings from the menu on the left and enter the ports in the custom ports range box.
Et voila! passive mode should now be firing on all cylinders. Simple and obvious but thought I’d share in case anyone else doesn’t want to dig through the docs and isn’t too familiar with how passive mode works.