Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
RE: How the FTP protocol Challenges Firewall Security article
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
RE: How the FTP protocol Challenges Firewall Security a... - 28.Dec.2006 3:03:27 PM
|
|
|
JasonHammett
Posts: 3
Joined: 6.Dec.2004
Status: offline
|
Yes. I have applied ISA 2004 sp2. I have not applied any other patches or fixes beyond that.
Jason
|
|
|
|
|
RE: How the FTP protocol Challenges Firewall Security a... - 28.Dec.2006 6:08:32 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi Jason,
is the FTP filter bound to the FTP Server protocol?
Did you try it with another FTP server such as IIS?
Any Netmon traces taken simultaneously on the ISA external and internal interface?
HTH,
Stefaan
|
|
|
|
|
RE: How the FTP protocol Challenges Firewall Security a... - 29.Jan.2007 6:39:28 AM
|
|
|
slow_jun
Posts: 7
Joined: 21.Dec.2006
Status: offline
|
How about SSH/SFTP on Isa server 2000? I'm Just a newbie here.
Please help.
thanks,
|
|
|
|
|
RE: How the FTP protocol Challenges Firewall Security a... - 23.Jan.2008 4:51:25 PM
|
|
|
ppape
Posts: 2
Joined: 28.Aug.2006
Status: offline
|
Hi Stefaan,
Great article. I'm running a back to back ISA configuration. I have an application that uses FTP over TLS/SSL connection using the implicit security model in the article. A successful connection with ISA out of the picture makes a direct connection to port 990.
The firewall client is installed on this client. In troubleshooting, all things appear to be pointing to the front end (edge) firewall server. Do you have any thoughts or expericence passing the FTPS traffic throught back to back configuration?
|
|
|
|
|
RE: How the FTP protocol Challenges Firewall Security a... - 24.Jan.2008 3:14:13 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi ppape,
did you also read my blog Solving the Secure FTP dilemma with ISA Server 2004 and 2006?
Which ISA versions are involved?
What are the ISA loggings telling you?
Take note that the inner ISA is a SecureNAT client to the outer ISA server. So, no support for secondary connections in this FTPS scenario on the outer ISA server .
HTH,
Stefaan
|
|
|
|
|
RE: How the FTP protocol Challenges Firewall Security a... - 24.Jan.2008 6:04:14 PM
|
|
|
ppape
Posts: 2
Joined: 28.Aug.2006
Status: offline
|
Stefaan,
I have not read the Blog on ISA 2004 and ISA 2006. I am currenlty running ISA 2000 and trying desperately to get onto ISA 2006. So, I will re-focus my efforts to the upgarde and then configure ISA 2006 as documented in your blog.
I did manage to get the FTPS communication working to the point where the internal ISA server was blocking the secondary connection because of a protocol rule 13301. But I think that's where I will leave it.
Thank you,
Peter
|
|
|
|
|
RE: How the FTP protocol Challenges Firewall Security a... - 26.Jan.2008 5:10:21 AM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi Peter,
yep, it's strongly suggested you upgrade first to ISA 2006.
BTW --- result code "13301" means "Request denied by the firewall policy".For more info, check out http://support.microsoft.com/default.aspx?scid=kb;en-us;284818.
HTH,
Stefaan
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
