Hi. On my ISA 2006 firewall I have a Non-Web Server publishing rule for FTP configured for external access with the following settings:
Action - Allow Traffic - All standard settings, Filter set to read only Traffic from - External (Have tried Anywhere) To - IP address of IIS6.0 server, Requests come from ISA server Networks - External listener Schedule - Always
The problem I get is when I try to connect externally the username and password seem to ok but it seems to bum out straight after with a 550 error.
* About to connect() to www.domain.com.au port 21 * Trying %IP Address%... connected * Connected to www.domain.com.au (%IP Address%) port 21 < 220 Microsoft FTP Service
> USER ftp.access < 331 Password required for ftp.access.
> PASS ***** < 230-Welcome < 230 User ftp.access logged in.
> PWD < 257 "/" is current directory. * Entry path is '/'
With an FTP Client from home it does the same thing.
My IIS6.0 server has been configured text book style pretty much copying the docs online and I even created a 2008 with the new FTP server but got the same thing.
The ISA server logs for FTP only say Initiated Connection then straight after Closed Connection for the rule.
Maybe I have missed something on IIS. I have never setup FTP before so...
Sorry this is kind of scatter brained, but i hope it makes some sense. I prefer to test internally with the basic ftp command from the command line. And filezilla for the external. Internaly you shouldn't have to do anything with passive (which is why i like the dos one) and externally filezilla will show you what is going between the client and the server.
FYI: My FTP works perfectly fine, and that site says the same thing for me. > CLNT Testing from http://www.g6ftpserver.com/ftptest from IP 98.202.138.194 < 550 Access is denied. I have never seen the CLNT command, so i tried it in DOS ftp, it's not a valid command
The fact that it says 230 User ftp.access logged in says to me that it is authenticating properly. If it was permissions on the root folder of the ftp it would say something like home directory inaccessable (access denied) or some non-sense like that.
I would probably start by making it work from internal before worrying about the external. Internal is easier.
Have you tried using FTP from the command line directly to the ftp server's ip address. What about FTP'ing right from the ftp server...ftp localhost and then ftp <internal server ip> And right after logging in, put in dir. Does it bring up a listing of the files.
In the response, if you are connecting from the outside, make sure it shows your external address, if not, you might need to enable the FTP Filter add-in inside of ISA....if it's not enabled, i would enable it anyways. When you try from the inside, do you try and connect directly to the ftp server or to the isa servers ip? External or internal ip?
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> FTP Publishing as well 
FTP Publishing as well - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread