Getting ftp working on my SBS2000 server

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Bill (bpaxton_at_nospam~pacconi.com)
Date: 02/19/04 

Date: Thu, 19 Feb 2004 12:45:53 -0800

first go into ISA, expand your server, expand access
policy, click policy filters. ensure you have created
filters allowing : 1)TCP traffic inbound, all ports going
to remote fixed port 20; 2) TCP traffic outbound, fixed
local port 20 to all ports; and the same two filters for
port 21. Ensure the "use this filter" box is checked.
second, expand policy elements, protocol definitions -
make sure you have definitions for both port 20 and 20.
That should do it. Also recommend isolating ISA as the
problem by bypassing linux server temporarily and testing.
Also test by turning on ftp server in IIS and see if you
can ftp IN through the ISA server.

>-----Original Message-----
>I just found out that our server is not connecting to FTP
>sites or servers, we are running sbs2000 and it has a ISA
>firewall that I have not changed too much. There is also
a
>linux firewall but I have checked the linux firewall and
>nothing on it should prevent FTP from going out or coming
>back.
>
>I am assuming that I have to make a change to the ISA
>firewall because when I do a tcpdump on eth0 of the linux
>firewall there is no FTP traffic going through at all.
>Which makes me believe that it hasnt even left the
sbs2000
>server.
>
>What I have tried to do was I ran the ISA firewall
>management, went to access policy, then to IP packet
>filters. And Selected Create a packet filter typed in the
>name "ftpgoodness" selected allow packet transmission.
>For "use this filter" I selected custom. Selected custom
>protocol and selected the port 21 for both directions.
>selected "Default IP addresses for each external
interface
>on the ISA Server computer". And selected All remote
>computers.
>
>However this seemed to do nothing did not change anything
>I am still not able to see FTP packets going through the
>tcpdump on eth0 or eth1 of the linux firewall. So it does
>not even get out from the server.
>
>Can someone suggest how to set this up so FTP can work?
>.
>

Relevant Pages

  • RE: ISA access rules, help
    ... please let me know whether you're using ISA 2000 or ISA 2004 ... (SBS SP0 or SBS SP1). ... the ISA server will not be used as a proxy server. ... Since SBS already used port 80, ...
    (microsoft.public.windows.server.sbs)
  • RE: Remote Web Workplace not completely working.
    ... In order to allow a remote desktop connection to a client computer through ... TS requests through a firewall on TCP port 4125, ... To open the port 4125 on ISA, we can re-run CEICW to confirm it. ... server certificate) and then click Next. ...
    (microsoft.public.windows.server.sbs)
  • RE: How to add a Citrix Server
    ... ISA about the second address (how do I attach a second IP address to the NIC ... the ISA server to handle the incoming traffic that needs to go to the Citrix ... How would I forward the traffic coming in on the new port to port ... that the newsgroups are staffed weekdays by Microsoft Support professionals ...
    (microsoft.public.windows.server.sbs)
  • RE: ISA access rules, help
    ... please let me know whether you're using ISA 2000 or ISA 2004 ... >(SBS SP0 or SBS SP1). ... the ISA server will not be used as a proxy server. ... Since SBS already used port 80, ...
    (microsoft.public.windows.server.sbs)
  • Re: Win2000 SBS moved to new location... logon issue
    ... I'm typing this reply right now through the VPN ... When you get to ISA, click on "Enable ISA Packet Filtering". ... The popup message you got about ISA filters means that any "custom" ISA ... Security and Acceleration Server | Servers and Arrays | ...
    (microsoft.public.backoffice.smallbiz2000)