• Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

FTP Publishing (again)

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> FTP Publishing (again) Page: [1]
Message << Older Topic   Newer Topic >>
FTP Publishing (again) - 5.Sep.2008 3:19:55 AM   


Posts: 2
Joined: 4.Sep.2008
Status: offline

In a three leg perimeter network, I'm trying to publish a internal FTP Server to external.

I've tried everything, including al the tips from existing topics. The server is published with a server publishing rule, there is a NAT network relationship between the external network and the server and the FTP Access filter is enabled.

When I check with netstat -an, ISA doesn't seem to listen at port 21 on any of the network interfaces.

When I'm trying to acces the FTP the ISA logs return a Denied 0xc004000d Default rule, so it seems that the server publishing rule somehow doesn't apply.

Thanks in advance,


Post #: 1
RE: FTP Publishing (again) - 8.Sep.2008 7:55:52 AM   


Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline

check this tools FWENGMON and see if the socket is listening for the new connection.

If Im not mistaken, ISA sometimes have a little delay to apply the new configurations.

Paulo Oliveira.

(in reply to xander2)
Post #: 2
RE: FTP Publishing (again) - 25.Sep.2008 3:12:39 AM   


Posts: 2
Joined: 4.Sep.2008
Status: offline
Hi Paulo,

I can't get it to work. The configuration is as follows, in a three leg perimeter situation.

ISA External
ISA Internal
FTP Server

Network Rules
NAT from External and perimeter to FTP server

Non Web-Server publishing Rule

From anywhere, to, Selected networks, External and Perimeter, Protocol FTP and access filter is on.

Access Rule
From all networks, to Computer FTP, FTP and FTP server.

The funny thing is, when using the traffic simulator everything looks ok. But it uses the access rule, instead of the server publishing rule. When disabling the access rule, access is denied.

Also, when using FWENGMON, the socket is listening from to

When I try to reach the FTP server from external, it gives an Access denied by the default rule. I can reach the ftp server from ISA and from internal.

Serveral web sites have been published on the same internal server and work correctly.

I'm sure I'm missing something, but can't figure out what exactly.



(in reply to paulo.oliveira)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Publishing] >> Server Publishing >> FTP Publishing (again) Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts