I've had an ISA2000 server in place and working for a number of years. All things considered, it's been an extremely reliable install, and all users are set up with the FWC for access. Recently, access to external FTP servers has stopped working for no apparent reason. There have been no changes to the ISA configuration (including rules and packet filters) for some time, same on the network infrastructure side. While the initial connection and transfer of user/pass info works fine, you cannot get a directory listing from the server - the connection times out (see below). Get this - dedicated FTP clients and IE will not connect to an Internet based FTP server but ftp.exe from a command prompt will!? Makes no sense to me, it should be all or nothing as far as I'm concerned! I've flogged the potential Active / Passive issue to death (both active/passive methods work from the ISA server itself) and I'm flat out of ideas, any assistance or ideas would be appreciated.
CJ
Filezilla snapshot:
Status: Connecting to ftp.server.com ...
Status: Connected with ftp.server.com. Waiting for welcome message...
Response: 220 FTP Server (x.x.x.x)
Command: USER xxxxxxx
Response: 331 Password required for xxxxxxx.
Command: PASS ******
Response: 230 User xxxxxxx logged in.
Status: Connected
Status: Retrieving directory listing...
Command: PWD
Response: 257 "/" is current directory.
Command: PORT x.x.x.x,14,187
Response: 200 PORT command successful.
Command: TYPE A
Response: 200 Type set to A.
Command: LIST
Response: 150 Opening ASCII mode data connection for file list.
Response: 226 Transfer complete.
Error: Timeout detected!
Error: Could not retrieve directory listing
Command line snapshot:
C:\>ftp ftp.server.com
Connected to ftp.server.com.
220 ftp-ie Microsoft FTP Service (Version 4.0).
User (ftp.server.com:(none)): xxxxxx
331 Password required for xxxxxx.
Password:
230-***************************************************************************
230-
230-Welcome.
230-
230-***************************************************************************
230 User xxxxxx logged in.
ftp> dir
200 PORT command successful.
150 Opening ASCII mode data connection for /bin/ls.
01-30-06 02:06PM <DIR> directory1
01-16-06 10:47PM 349 ReadMe.txt
01-24-06 12:39PM <DIR> directory1
226 Transfer complete.
ftp: 160 bytes received in 0.03Seconds 5.33Kbytes/sec.
ftp>
< Message edited by cjay -- 3.Feb.2006 2:47:25 PM >
Because the Microsoft command line FTP client seems to work, I guess there is a problem with tunneled FTP (FTP through HTTP). Could this be the case?
Thanks Stefaan, I read the FTP guide before posting (should have mentioned) and created the packet filters accordingly without much luck. As it happens, I'm forwarding all traffic to the web proxy service; however, the ISA install has always been set up like this and FTP has worked until recently. I'll try disabling this function and see what happens....