Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
PIX 515E+ISA 2004, Publish FTP
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
PIX 515E+ISA 2004, Publish FTP - 8.Jan.2008 12:23:16 PM
|
|
|
rajthampi
Posts: 20
Joined: 19.Jan.2007
Status: offline
|
Hi guys
Hope one of you would answer my question. We have a simple network structure with one Pix 515e, one ISA 2004 server. Though we had implemented this configuration almost year and half ago, we are still struggling to find a way to publish our ftp server through this combination. The ftp server resides on a Windows XP machine and ISA 2004 monitoring displays successful connection establishment to this ftp server from external networks.
Zone alarm pro installed in the ftp server also shows successful connections from external clients, but the external clients (from enternet) never could really establish a successful connection to the ftp site (ftp published with anonymous connection enabled) when the internal clients have no problems at all connecting to the ftp server.
All the default ports (20,21) are opened on both PIX 515e firewall as well ISA 2004. Since we could see ISA allows the external client to establish the connection and Zone Alarm Pro locally installed on the ftp server shows incoming traffic allowed on port 21, we doubt it is the outbound traffic which is being blocked either by ISA, PIX...
Any suggestions would be greatly appreciated to tackle this issue the earliest possible...
Thanks in advance.
_____________________________
If it is a door, it will open.
|
|
|
|
|
RE: PIX 515E+ISA 2004, Publish FTP - 26.Feb.2008 3:10:39 PM
|
|
|
pwindell
Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline
|
I assume that this is a Back-2-Back DMZ with the PIX on the outer edge and the ISA on the inner edge.
Put a client machine with a decent FTP Client between the ISA and PIX (in the DMZ) with a valid DMZ IP config. try to connect to the FTP Server by treating the external nic of the ISA as if it was the FTP Server. If it works then the problem is with the PIX,...if it does not work then the problem may be with the ISA.
The Internal users that you tried should have tried by going directly to the FTP Server's IP# and not involve the ISA.
_____________________________
Phillip Windell
www.wandtv.com
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
