Re: VPN to ISA server, can't FTP through it
- From: jogdial <jogdial@xxxxxxxxx>
- Date: Sun, 9 Mar 2008 03:42:24 -0700 (PDT)
Hi, thanks for the reply. I've been trying to watch the monitoring,
but so far haven't seen anything coming through. This is a VERY busy
firewall, I've tried not putting any filters on the monitoring at all
thought and I don't see any rule being applied to the FTP upload, or
FTP connection for that matter. As the requests are coming and going
through a VPN, will they not be encrypted anyway? I'm not exactly an
ISA expert, our expert left the company some time ago and hasn't been
replaced. I have a broad knowledge of different firewalls and VPNs,
but have really only been doing simple maintenance on the ISA server,
publishing new web applications mostly. So, if there isn't a specific
rule for FTP to this specific server, and it's coming from a VPN, is
there still an application filter for all traffic?
Thanks again for your help,
I assume that the application filter is
On 7 Mar, 14:54, "Phillip Windell" <philwind...@xxxxxxxxxxx> wrote:
The monitoring Log will tell you what Rule is being used for the FTP.
By default the FTP Application Filter does not allow uploads.
--
Phillip Windellwww.wandtv.com
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processinghttp://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-...
Microsoft Internet Security & Acceleration Server: Partnershttp://www.microsoft.com/isaserver/partners/default.mspx
Microsoft ISA Server Partners: Partner Hardware Solutionshttp://www.microsoft.com/forefront/edgesecurity/partners/hardwarepart...
-----------------------------------------------------
"jogdial" <jogd...@xxxxxxxxx> wrote in message
news:6bcc320e-f20b-4b68-8157-e3738df66890@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hi,
I seem to have isolated a problem to the ISA server, but it doesn't
make sense to me.
I have several LAN to LAN IPSEC firewalls that endpoint at my ISA
server and connect to a LAN at another place I work and my home
network. I also have the ISA server setup to accept client VPN
connections using PPTP and L2TP.
These all work fine, but the other day, I set up an FTP server on our
internal network. I can FTP to it and put files on it form our
internal network, and all it's segments... so there are no internal
firewall problems.
The problem occurs when I try to "put" a file using FTP through any of
the VPNs. The VPNs are setup to all all protocols, there is no
filtering of any kind. I can connect to the FTP server and login I
can list, I can get files. I CAN'T put files. I can put files from
the internal network, all segments. But I CAN'T put files through the
VPNs. There is an FTP rule on the ISA server (2004 ISA) for our
public FTP server and that allows external users to FTP to the FTP
server in our DMZ. But the other system in our DMZ that I am trying
to FTP to, but going through a VPN has no rules set up for FTP or
anything else, and I would normally not think you need to right?
when I try to put, I get
ftp> put tmp.tmp
200 PORT command successful.
550 Access is denied.
ftp>
Any insight on this problem would be greatly appreciated...
Thanks- Hide quoted text -
- Show quoted text -
.
- Follow-Ups:
- Re: VPN to ISA server, can't FTP through it
- From: Phillip Windell
- Re: VPN to ISA server, can't FTP through it
- References:
- VPN to ISA server, can't FTP through it
- From: jogdial
- Re: VPN to ISA server, can't FTP through it
- From: Phillip Windell
- VPN to ISA server, can't FTP through it
- Prev by Date: Re: VPN to ISA server, can't FTP through it
- Next by Date: Re: VPN to ISA server, can't FTP through it
- Previous by thread: Re: VPN to ISA server, can't FTP through it
- Next by thread: Re: VPN to ISA server, can't FTP through it
- Index(es):
Relevant Pages
|
Loading
