Ports needed to access FTP.
- From: "Jarryd" <noemail@xxxxxxxxxxxx>
- Date: Wed, 21 Sep 2005 22:13:17 +0100
Hi,
I want to allow someone access to my network by using vpn but restrict
traffic to specific ports. I am using MS Server 2003 SP1 as the VPN server
and have configure a Remote Access policy for the user. I edited the
policy's profile to only allow access to TCP port 21. This is working well.
I tested it by logging in to the VPN server using the userss (not my) login
and doing a telnet in to various ports I know are running on the different
servers and only port 21 works. When I login as myself then my profile
kicks in and I can telnet everything.
The problem I am having is that 21 doesn't seem to be enough. I have opened
up the default FTP site in IE and after it logs me on it tell me I don't
have permisson to access the site. When I remove the packet filter rule in
the policy that applies to the user's login they can access the site, read
its content and write to it.
What else do I need to allow through? I have disabled annoymous access.
The NTFS permissions on the home directory allow only myself and the user
access (Full Control), all other accounts have been deleted from the
folder's ACL. The site security is set to read/write.
I imagine that I need to open some authentication ports, ldap 389 and
kerberos. Is that correct? And is there anything else?
TIA,
Jarryd
P.S. Is there a way to restrict access to a specific destination IP
address?
.
- Follow-Ups:
- Re: Ports needed to access FTP.
- From: Dave
- Re: Ports needed to access FTP.
- Prev by Date: Re: Security.
- Next by Date: Re: Ports needed to access FTP.
- Previous by thread: Security.
- Next by thread: Re: Ports needed to access FTP.
- Index(es):
Relevant Pages
|
