Re: Publishing FTP server through ISA 2006

Tech-Archive recommends: Speed Up your PC by fixing your registry

Is this even possible any more, or are we required to use a firewall client
or something?

Yes it is possible.

While you make the connection and it automatically disconnects, see the logging tab (under Monitoring) in ISA 2006 management console. Post back what you see there...

--
Shijaz Abdulla
MVP, MCSE:Security, CCNA

Articles: www.shijaz.com/isaserver
Forums: www.tech-links.org

"If the only tool you have is a hammer, every problem begins to look like a nail."

"Ian S. Salisbury" <IanSSalisbury@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message news:4C3C68E8-B593-4D2E-93D0-D0DFACB51033@xxxxxxxxxxxxxxxx
Is this even possible any more, or are we required to use a firewall client
or something?

We were running ISA 2000 previously. A hardware failure was the catalist for
upgrading now.

I have no trouble publishing web servers and exchange servers, but no matter
what I try, FTP either never responds, or quickly closes the connection:

Z:\>ftp
ftp> open x.x.x.x
Connected to x.x.x.x
Connection closed by remote host.
ftp>

This is ISA 2006 Standard, using the 3-Leg Perimiter template. I've tried
countless combinations of firewall rules, but the one I think should work is:

Name - Allow - FTP Server - Perimiter - y.y.y.y (internal IP of FTP server)

If I check the FTP Access Filter on the FTP Server protocol I get the quick
close. If I leave it unchecked, I get no response.
I've tried accessing from multiple machines with multiple clients, the Linux
response is:
[isalisb@mail isalisb]# ftp
ftp> open x.x.x.x
Connected to x.x.x.x (x.x.x.x).
421 Service not available, remote server has closed connection
ftp>

Connecting internally works fine:
U:\>ftp
ftp> open y.y.y.y
Connected to y.y.y.y.
220 Microsoft FTP Service
User (y.y.y.y:(none)):

Any ideas? Can I provide more info?
Thanks!
-ian-







.

Relevant Pages