Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Some wierd behaviour on FTP
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
Some wierd behaviour on FTP - 28.Apr.2004 12:17:00 PM
|
|
|
Danee
Posts: 18
Joined: 22.Mar.2004
Status: offline
|
Hi All,
I have some wierd problem connecting to FTP servers:
My client has the Firewall client installed and the ISA-box as the default gateway.
I have 2 (relevant) rules:
allow - FTP - local host - External - All Users
allow - FTP - internal - External - All Users
When I start a ftp session from a command box everything works fine, I get connected, can logon and retrieve a file list
When I start a ftp session in Internet Explorer, I get connected, provide a username and a logon, and then the party stops (no errors) In the monitor I can see a succesfull connection, with a username without the domainname
If I deselect the 'use a proxy server' in IE the same thing happens. In the monitor I can see a succesfull connection, with a username without the domainname.
If I disable the firewallclient I can connect, can authenticate and browse the server! In the monitor I can see a succesfull connection, without any username information.
If I then turn on the proxy in IE again: I can connect, can authenticate and browse the server! In the monitor I can see a succesfull connection, without any username information.
Then I then changed the rule:
allow - FTP - internal - External - user group
I am a member of the used 'user group'
Now the behaviour is: I get connected, get an authentication dialog and again, after that the party stops! (in every situation, FW client on and off, IE proxy on and off)
With the FW client enabled I can connect using the cmdline ftp. (which is what I expect to happen)
When I connect from the ISA box itself I can connect (IE uses the box as a proxy) if the rule is set for all users, if the rule is set for a group of which the logged on user is a member, the connection isn't possible....
It looks (to me) like the ISA doesn't send it's authentiaction requirements correct to IE, it could be that IE doesn't understand them correctly also, but I don't think that's the case since I tried all the above also on my ISA 2000 box and had no problems....
Cheers,
Danee
|
|
|
|
|
RE: Some wierd behaviour on FTP - 29.Apr.2004 1:34:00 AM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Danee,
Change the browser config so that it doesn't use PASV mode and change disable folder view (or enable it, if it is disabled).
HTH,
Tom
|
|
|
|
|
RE: Some wierd behaviour on FTP - 5.May2004 1:10:00 PM
|
|
|
Danee
Posts: 18
Joined: 22.Mar.2004
Status: offline
|
Hi Tom, thanks for the reply!
I've tried your settings, doesn't help.. The only way can get it working is when I change the rule so that access ia allowed for 'all users'
I also removed my FireWall client and rennstalled it, but that didn't help either...
I still tink it's wierd that the username shown in the monitor doesn't contain a domainpart, could you please comment on that.
Thanks,
Danee
|
|
|
|
|
RE: Some wierd behaviour on FTP - 5.May2004 2:06:00 PM
|
|
|
Danee
Posts: 18
Joined: 22.Mar.2004
Status: offline
|
Hmmm, did try setting IE to Passive mode again and now it works....
But I still don't get why the username shows up without the domainpart
Cheers,
Danee
|
|
|
|
|
RE: Some wierd behaviour on FTP - 5.May2004 8:08:00 PM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Danee,
Is the user logged into the domain?
Is the browser configured as a Web Proxy client?
Thanks!
Tom
|
|
|
|
|
RE: Some wierd behaviour on FTP - 6.May2004 10:02:00 AM
|
|
|
Danee
Posts: 18
Joined: 22.Mar.2004
Status: offline
|
Hi Tom,
Yes the user is logged onto the domain (NT4 Domain)
The client is configured as a webproxy client.
Thanks,
Danee
|
|
|
|
|
RE: Some wierd behaviour on FTP - 7.May2004 12:04:00 PM
|
|
|
tshinder
Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
|
Hi Danee,
What site is giving you the problem? I have no problems connecting to FTP sites (for the most part). Certain firewall do not implement their FTP NAT editors very well, and so ISA has problems connecting to those.
HTH,
Tom
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
