Re: SBS 2003 ISA proxy for FTP fails
From: David Barnes (david_at_nospam-bitsolve.com)
Date: 08/16/04
- Next message: Marina Roos [SBS-MVP]: "Re: win98 clients to SBS 2003"
- Previous message: simon: "Re: SBS 2003 VPN & RADIUS"
- In reply to: Steve Foster [SBS MVP]: "Re: SBS 2003 ISA proxy for FTP fails"
- Next in thread: Steve Foster [SBS MVP]: "Re: SBS 2003 ISA proxy for FTP fails"
- Reply: Steve Foster [SBS MVP]: "Re: SBS 2003 ISA proxy for FTP fails"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 16 Aug 2004 10:25:54 GMT
Steve,
Many thanks for looking into this..
Bearing in mind that this is SBS 2003 and things come 'pre configured' and
you need to use wizards to enable anything. Is there some wizard or setup
bit that I've missed?
Will re-running the CEICW wizard undo any settings I set?
not being an ISA wiz I do need some pointers on what you suggest.
3. I assume this is done in IE.. what setting needs to be tweaked? can I set
this as a domain policy, rather than visit 35 workstations.
4. I never have really got my head round ISA, Read the book, done the
course,
still don't understand it..
My understanding was that IE was port mode unless you set the PASV setting
in advanced.
This would give you
Client Server
>1023 --------control------> 21
>1023 <-------data--------- 20
Note: I'm only representing the 'initial connect' here, and hence what goes
in the 'filter'
For PASV mode:
Port 20 is not used and the local client has to be able to connect a local
dynamic port to a remote dynamic port.(well the proxy has to do this)
Client Server
>1023 --------control------> 21
>1023 -------data---------> >1023
Note: I'm only representing the 'initial connect' here, and hence what goes
in the 'filter'
I thought I had enabled the filters for active mode and setup one to cover
the PASV secondary connection.
SBS comes with some ftp filters pre-defined but disabled. Are these the
correct ones to use?
Have I set these up correctly? what should the filters be set like?
Is there a 'pre configured' rule set that I need to turn on? where do I set
these and what should be in them?
What else do I need to do?
I suppose a better question would be.
What do I need to do to 'out of the tin' SBS 2003 Premium to enable
FTP(Read) proxy access for non windows clients (EG Apple MAC, Unix) and
windows clients without the firewall client installed?
David
"Steve Foster [SBS MVP]" <steve.foster@picamar.co.uk> wrote in message
news:xn0dm22ev1j2rtv00j@msnews.microsoft.com...
> Marina Roos [SBS-MVP] wrote:
>
> > David,
> >
> > You have a choice here:
> >
> > 1. Uninstall ISA from your server.
> > 2. Install the Firewall Client on the clients.
>
> Some more options:
>
> 3. Configure FTP clients for passive mode.
> 4. Create a proper FTP protocol definition in ISA to have TCP/21 as
> primary, with a secondary connection TCP/20 inbound, and set up a
> Protocol Rule to allow this protocol.
>
> --
> Steve Foster [SBS MVP]
> ---------------------------------------
> MVPs do not work for Microsoft. Please reply only to the newsgroups.
- Next message: Marina Roos [SBS-MVP]: "Re: win98 clients to SBS 2003"
- Previous message: simon: "Re: SBS 2003 VPN & RADIUS"
- In reply to: Steve Foster [SBS MVP]: "Re: SBS 2003 ISA proxy for FTP fails"
- Next in thread: Steve Foster [SBS MVP]: "Re: SBS 2003 ISA proxy for FTP fails"
- Reply: Steve Foster [SBS MVP]: "Re: SBS 2003 ISA proxy for FTP fails"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
