I am trying to publish an ftp server with PASV mode using ISA 2006. I have tried 2 servers and 2 clients, they are Gene6 FTP server and Serv-U ftp server. As clients I have used FlashFXP and Bulletproof. What happens is that when I try to log on I get the error message: [R] 500 The server returned invalid response for PASV command. It takes a while, but the server works anyway, but the transfer speeds are really low and it takes a very long time for me to get the folder list. I have unrestricted internet access from the internal network. I have created 2 rules: First rule is for ftp itself. Action: Allow Traffic: FTP Server (Inbound 21 with ftp access filter) From (External) To: FTP server internal IP address (192.168.0.5) Networks for listener: External Then I have a rule for Passive mode range defined in the server (50000-50100) Action: Allow Traffic: 50000-50100 TCP Inbound, no filter (I have tried turning the ftp filter on but that didn't help) From: External To: 192.168.0.5 (internal FTP server address) Networks: External
< Message edited by Zulan -- 6.Dec.2006 4:33:30 AM >
Ok, I've figured out that it was the ftp filter that blocked the pasv command. Disabeling this makes it work. There's still a performance issue that needs resolving though. If I connect with vpn and then connect to the ftp server there is no performance problems.
< Message edited by Zulan -- 5.Dec.2006 5:58:02 AM >
I've been reading up on ftp and reading forums for 3 days now, but I still can't solve this problem. I have an ftp server configured for passive mode. It works fine, though it took a while for me to find the bug in ISA 2006 causing the problems I where having, that is that if I enable the ftp filter then ISA blocks the PASV response from the server. Quite strange and I'm amazed this could be overlooked. But now to something even stranger. At first it seemed that some ftp clients got quite serious performance issues, including myself from my testing site. I have a 10mbit internet connection but ftp was somehow limited to 170KB/s per user instead of the roughly 1000KB/s that is used normally. I had 2 different users try the ftp, both using FlashFXP and they were both given exactly 170KB/s. I tried all kinds of stuff in order to solve this. Then all of a sudden one user logs on and it all works perfectly, no performance issues. I was baffled, I then tried ftp from IE 7 from my testing site and it all worked perfectly, I was also using flashfxp before?! If I connect with vpn and then try ftp with flashfxp it works perfectly.
This is quite strange since I recently installed my ISA server; the old firewall had no problems with FlashFXP and the ftp server. So I believe that the ISA server is doing something wrong, or I missed a setting somewhere, even though I believe I tried every setting out there. Any ideas?
< Message edited by Zulan -- 6.Dec.2006 4:45:41 AM >
I have found out that it might be related to IP routing. Because if I disable it, I reach normal speeds like 1000KB/s.
Still I feel like I found a workaround and not a solution since it worked fine with IE.
Also, somehow ftp is slower then http. If I try to download the same file through ftp and through http the speeds differ quite noticeable. As you can see from here.
(ftp and http is on the same server)
< Message edited by Zulan -- 7.Dec.2006 9:48:47 AM >
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> ftp with PASV mode - Performance issues 
ftp with PASV mode - Performance issues - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread