If you have an IIS with FTP passive mode enabled, you probably want to specify the port range for data channels. That way, you can specify the port ranges in your firewall.
For example, you can specify IIS server’s “FTP Firewall Support”. For example, you can specify The Data Channel Port Range to go from port 5000 to port 5100.
Click “Apply”. You must restart your Microsoft FTP Service in order for the port range to take effect. Doing “iisreset” is not be sufficient.
If you test it using FileZilla client, you should set the debug to level 3 verbose in order to see the data channel port requested by the server.
The key info you are looking for is the following:
227 Entering Passive Mode (a1,a2,a3,a4,p1,p2).
The data channel post is p1*256 + p2.
227 Entering Passive Mode (54,20,20,88,228,225). would mean using port 58593.
Make sure that port is specified by IIS FTP and it is allowed by the firewall inbound rules.