Re: ISA issues after IP change on external NIC
- From: "SusanV" <svanallen@xxxxxxxxxxxxxxx>
- Date: Mon, 11 Feb 2008 07:32:31 -0500
OK, I found the problem, there was another rule before it in the list that
was blocking.
Thanks for your suggestions!
SusanV
"SusanV" <svanallen@xxxxxxxxxxxxxxx> wrote in message
news:uYEsMiKbIHA.2268@xxxxxxxxxxxxxxxxxxxxxxx
Yes the FTP Outbound Rule is enabled, and NO the Read Only box is NOT
checked - I verified these 2 items prior to posting:
Checked the rule, everything looks fine - internal network allow, to any
external, filtering is NOT set to read only.
So here's the breakdown:
Order # = 6 of 46
Name = SBS FTP Outbound Access Rule
Action = Allow
Protocols = FTP
From = Internal + local host
To = External
Condition = All Users
Right-click, configure, Read Only NOT checked.
Properties:
Context Types = All
Schedule = Always
Users = All Users, no exceptions
Any other ideas?
Susan
"Jon-Alfred Smith" <jonsmi@xxxxxxxxxxxxxxxx> wrote in message
news:clipq3pmccv29glg9r3po6o5bt24taicij@xxxxxxxxxx
On Fri, 8 Feb 2008 16:02:10 -0500, "SusanV"
<svanallen@xxxxxxxxxxxxxxx> wrote:
Thinking:
This is obviously related to FTP Write access. FTP establishes more
than one connection, there's passive and active. The firewall client
handles this smoothly. The SecureNAT client should as well.
Perhaps this: Default with ISA is that the ftp client only has read
only access (list and download).
In my SBS installation (only customized to handle SecureNAT), there's
an SBS FTP Outbound Access Rule, which btw is not enabled. On the
protocol tab there's only one protocol: FTP. Clicking Filtering, up
comes Configure FTP:
x Read Only
When Read Only is selected, FTP uploads will be blocked.
So the check mark has to be removed.
This is the 8th access rule. Perhaps this is enabled in your
configuration. And your new rule is below. Or your rule denies write
access as well.
Sorry for top-posting (which I hate), but your message was so long.
jas
Changing ISPs, so had to change external IP on SBS 2003 R2 with ISA.
Exported ISA config prior. Yesterday I changed the SBS Server external
IP,
ran the CEICW, and had problems with DNS - the server IPs they gave me
were
bad, but before I could get that changed to the correct IPs, the new T1
went
down. Luckily our old provider's T1 is still here, so I simply changed
the
IP and DNS info back, changed the cable to the original ISP's router, and
reran the CEICW. Everything seemed to be happy. (except the new T1, that
has
been a nightmare, still not up)
However, this afternoon I tried to upload some changes to our website
(hosted outside) and could not - error 550 Access Denied. Called the ISP
thinking they changed something, but they could not find a problem, and
were
able to upload to the site using that account. So I hooked a laptop to
the
router (not behind ISA) and was able to upload the files.
Checked the rule, everything looks fine - internal network allow, to any
external, filtering is NOT set to read only. Huh, ok, let's create a new
rule and put it at the top. Ran through the ISA rule wizard, verifying
everything was as it should be, saved the changes and tried again with no
joy,
same issue.
OK, now this is just silly - since I exported the config prior to any
changes (and everything was working fine prior, I had just done a major
site
update the day before) I figured whatever, I'll just import that config.
Exported the current config just for CYA, imported the config from
Weds morning but no joy, still same error 550 Access Denied. (also same
error other computers, using IE or SmartFTP). Also can't overwrite or
delete
files - basically I have read-only access.
Again, I can upload delete whatever from the laptop connected to the
router
(no ISA involved).
This is driving me buggy, any ideas?
SusanV
.
- References:
- ISA issues after IP change on external NIC
- From: SusanV
- Re: ISA issues after IP change on external NIC
- From: Jon-Alfred Smith
- Re: ISA issues after IP change on external NIC
- From: SusanV
- ISA issues after IP change on external NIC
- Prev by Date: Re: ISA issues after IP change on external NIC
- Next by Date: Re: New ISP requires SMTP change...
- Previous by thread: Re: ISA issues after IP change on external NIC
- Next by thread: network performance issues
- Index(es):
Relevant Pages
|
