Re: trouble using ftp.exe to connect to external site

Hello Richy,

Thank you for reply.

To forward all higher TCP ports to internal client, I suggest the following
steps:

1. If you have a router before the SBS, you have to forward all higher TCP
ports from router to SBS. For detail steps please contact your router
vendor.

Note: After you finish the step 1, we can access active FTP from SBS server

2. Forward all higher TCP ports to one internal client computer:

1) Run rrasmgmt.msc in SBS 2003

2) Extend IP Routing and you should see the NAT/Basic Firewall node

3) Highlight NAT/Basic Firewall and you will see SBS server external
network interface on right (By default the interface name should be
"Network Connection").

4) Right-click Network Connection interface select Properties

5) Click Services and Ports tab

6) Click Add button

7) Enter the description, select TCP or UDP, input port number in Incoming
port box, input internal IP in Private address box, input port number in
Outgoing port box.

Note: You can only input one port number here.

8) Click OK twice

Note: Repeat all above steps all every port from 1024 to 65535. It is a
hard work! That why I do not suggest you do this. If you install the ISA
server 2004, the work is easy. We only need to create a publishing rule.

You also can contact the FTP site support, to make the FTP site only use a
small range of TCP ports. It will the forwarding on RRAS easier.

Important: It is a dangerous action for your network!

I hope these steps will give you some help.

Thanks and have a nice weekend!

Best regards,

Terence Liu(MSFT)

Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security

=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.

Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.

For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
=====================================================

This posting is provided "AS IS" with no warranties, and confers no rights.

--------------------
| X-Tomcat-ID: 92199209
| References: <1187362159.138972.46900@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
<1187615551.207028.122050@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain
| Content-Transfer-Encoding: 7bit
| From: v-terliu@xxxxxxxxxxxxxxxxxxxx (Terence Liu [MSFT])
| Organization: Microsoft
| Date: Tue, 21 Aug 2007 08:05:29 GMT
| Subject: Re: trouble using ftp.exe to connect to external site
| X-Tomcat-NG: microsoft.public.windows.server.sbs
| Message-ID: <k4XWLo84HHA.2340@xxxxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| Lines: 105
| Path: TK2MSFTNGHUB02.phx.gbl
| Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:57965
| NNTP-Posting-Host: TOMCATIMPORT1 10.201.218.122
|
| Hello Thomas,
|
| Thank you for kind update.
|
| The active mode FTP need forward high TCP ports (1024~65535) from router
to
| SBS, then, forward from SBS to one internal client. It is not a good
choice.
|
| Note: The Active mode FTP connection will random use the ports between
1024
| and 65535.
|
| 1. It is very dangerous for your network if you open the whole high TCP
| ports for external. The external will easy enter your internal network.
|
| 2. We can only forward the ports to one internal client computer. That
| means, only this one client can access the FTP site. The other client
still
| cannot work.
|
| 3. The ports forwarding include 1725 (PPTP) and 4125 (RWW), if we do
that,
| the RWW and the VPN will not work.
|
| Therefore, I strongly suggest you do not do the ports forwarding on SBS
and
| router. I suggest you try to change another FTP client software support
| PASV mode FTP to replace the old one.
|
| If there's anything else I can do for you, please do not hesitate to let
me
| know.
|
| Thank you and have a nice day,
|
| Best regards,
|
| Terence Liu(MSFT)
|
| Microsoft CSS Online Newsgroup Support
|
| Get Secure! - www.microsoft.com/security
|
| =====================================================
| This newsgroup only focuses on SBS technical issues. If you have issues
| regarding other Microsoft products, you'd better post in the
corresponding
| newsgroups so that they can be resolved in an efficient and timely
manner.
| You can locate the newsgroup here:
| http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
|
| When opening a new thread via the web interface, we recommend you check
the
| "Notify me of replies" box to receive e-mail notifications when there are
| any updates in your thread. When responding to posts via your newsreader,
| please "Reply to Group" so that others may learn and benefit from your
| issue.
|
| Microsoft engineers can only focus on one issue per thread. Although we
| provide other information for your reference, we recommend you post
| different incidents in different threads to keep the thread clean. In
doing
| so, it will ensure your issues are resolved in a timely manner.
|
| For urgent issues, you may want to contact Microsoft CSS directly. Please
| check http://support.microsoft.com for regional support phone numbers.
|
| Any input or comments in this thread are highly appreciated.
| =====================================================
|
| This posting is provided "AS IS" with no warranties, and confers no
rights.
|
| --------------------
| | From: thomas.ricky@xxxxxxxxx
| | Newsgroups: microsoft.public.windows.server.sbs
| | Subject: Re: trouble using ftp.exe to connect to external site
| | Date: Mon, 20 Aug 2007 06:12:31 -0700
| | Organization: http://groups.google.com
| | Lines: 9
| | Message-ID: <1187615551.207028.122050@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
| | References: <1187362159.138972.46900@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
| | <FWh2chv4HHA.5608@xxxxxxxxxxxxxxxxxxxxxx>
| | NNTP-Posting-Host: 72.22.155.16
| | Mime-Version: 1.0
| | Content-Type: text/plain; charset="us-ascii"
| | X-Trace: posting.google.com 1187615551 10854 127.0.0.1 (20 Aug 2007
| 13:12:31 GMT)
| | X-Complaints-To: groups-abuse@xxxxxxxxxx
| | NNTP-Posting-Date: Mon, 20 Aug 2007 13:12:31 +0000 (UTC)
| | In-Reply-To: <FWh2chv4HHA.5608@xxxxxxxxxxxxxxxxxxxxxx>
| | User-Agent: G2/1.0
| | X-HTTP-UserAgent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US;
| rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6,gzip(gfe),gzip(gfe)
| | Complaints-To: groups-abuse@xxxxxxxxxx
| | Injection-Info: 19g2000hsx.googlegroups.com; posting-host=72.22.155.16;
| | posting-account=ps2QrAMAAAA6_jCuRt2JEIpn5Otqf_w0
| | Path:
|
TK2MSFTNGHUB02.phx.gbl!TK2MSFTNGP01.phx.gbl!TK2MSFTFEEDS01.phx.gbl!newsfeed0
|
0.sul.t-online.de!t-online.de!news.glorb.com!postnews.google.com!19g2000hsx.
| googlegroups.com!not-for-mail
| | Xref: TK2MSFTNGHUB02.phx.gbl microsoft.public.windows.server.sbs:57731
| | X-Tomcat-NG: microsoft.public.windows.server.sbs
| |
| |
| |
| | Hello Terrence
| |
| | How can I change SBS to allow for active mode ftp connections. The
| | company that wrote the software to copy the data by ftp no longer
| | exists.
| |
| |
| |
|
|

.