Re: Publishing FTP server through ISA 2006
- From: Ian S. Salisbury <IanSSalisbury@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 29 Dec 2006 04:51:01 -0800
That is what I read in many places, and that is exactly what I have.
Is there a way to query the setup to confirm?
Actually, I have it listening to an IP address in the Perimeter network. If
I set it to External, the log looks like this:
z.z.z.z - INFOSYS4 - TCP - - - - - - 12/29/2006 12:42:13
PM 33271 0 0 0 0xc004000d
FWX_E_POLICY_RULES_DENIED 0x0 0x0 Firewall 12/29/2006 6:42:13
AM x.x.x.x 21 FTP Denied Connection Default rule z.z.z.z - External Local Host
"Shijaz Abdulla [MVP]" wrote:
You need to create a New --> Server Publishing Rule.
Protocol: FTP Server
Server: <Your FTP Server>
Listen to requests from: External
All Users
After creating the rule, open the Rule Properties and uncheck the "Read
Only" checkbox if you want to allow users to be able to upload files.
Set the default gateway on your FTP server to point to the internal IP of
the ISA server computer.
This is all you need to do to publish an FTP Server.
--
Shijaz Abdulla
MVP, MCSE:Security, CCNA
Articles: www.shijaz.com/isaserver
Forums: www.tech-links.org
"If the only tool you have is a hammer, every problem begins to look like a
nail."
"Ian S. Salisbury" <IanSSalisbury@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:679F3547-CBE8-4F37-9ACF-BBFE7C0D5E08@xxxxxxxxxxxxxxxx
That FTP 21 was from a rule created to allow FTP access from the ISA
server.
I got rid of that and deleted the User-Defined protocols and now the log
looks like this:
z.z.z.z - INFOSYS4 - TCP - - - - - - 12/29/2006 4:23:04
AM 33264 0 0 0 0xc0040017
FWX_E_TCP_NOT_SYN_PACKET_DROPPED 0x0 0x0 Firewall 12/28/2006 10:23:04
PM x.x.x.x 21 FTP Denied Connection - z.z.z.z - External Local Host
Why is the protocol now FTP and not FTP Server? Is that the problem?
Thanks!
-Ian-
It was, but fixing it didn't help:
Original Client IP Client Agent Authenticated Client Service Server
Name Referring Server Destination Host Name Transport MIME Type Object
Source Source Proxy Destination Proxy Bidirectional Client Host Name
Filter
Information Network Interface Raw IP Header Raw Payload GMT Log Time
Source
Port Processing Time Bytes Sent Bytes Received Result Code HTTP Status
Code Cache Information Error Information Log Record Type Authentication
Server Log Time Destination IP Destination Port Protocol Action Rule
Client
IP Client Username Source Network Destination Network HTTP Method URL
z.z.z.z - INFOSYS4 - TCP - - - - - - 12/29/2006 3:47:17
AM 33258 0 0 0 0xc0040017
FWX_E_TCP_NOT_SYN_PACKET_DROPPED 0x0 0x0 Firewall 12/28/2006 9:47:17
PM x.x.x.x 21 FTP 21 Denied Connection - z.z.z.z - External Local Host
I bet my test FTP server has the router as the gateway, not the ISA
server.
I'll test more tonight. Thanks!
-Ian-
- References:
- Re: Publishing FTP server through ISA 2006
- From: Shijaz Abdulla [MVP]
- Re: Publishing FTP server through ISA 2006
- From: Shijaz Abdulla [MVP]
- Re: Publishing FTP server through ISA 2006
- Prev by Date: Re: Last wit gone, no luck publishing SBS 2003 through ISA 2004
- Next by Date: Re: Last wit gone, no luck publishing SBS 2003 through ISA 2004
- Previous by thread: Re: Publishing FTP server through ISA 2006
- Index(es):
Relevant Pages
|
