From: Des Plaines, IL
I have published an FTP server as described in the tutorial at ISAServer.org. I can connect to the server, login, and even change directories, but when I try to do ls, dir, get, or put my session just hangs.
As stated in the article I ran the adsutil.vbs script to disable socket pooling. After I ran the script I re-started msftpsvc and did a netstat -na. My results looked identical to the pre-disabled netstat -ns I ran (port 21 was still listed as listening on IP 0.0.0.0). I then used the Internet Services Manager snap in to force the FTP service to listen only on the servers IP. A netstat -na after that show the port 21 was now only listening on 192.168.1.27. I then disabled the FTP Port Attack Setting and restarted the server. I then created a server publishing rule for the FTP server. I have also tried to do this with a Wed publishing rule and destination set with the same result. I do have a web server published and it is working fine.
My setup ISA Server Windows 2000 Server sp2 ISA Server 2000 sp1 Internal IP in the 192.168.1.x range
FTP Server Windows 2000 Pro sp2 MS FTP service IP address of 192.168.1.27 Setup as a firewall and secure NAT client
The dialog when I connect to the FTP server from the Internet. C:\ftp ftp>open ftp.xxx.com Connected to ftp.xx.com. 220 lt69 Microsoft FTP Service (Version 5.0). User (ftp.xxx.com:(none)): anonymous 331 Anonymous access allowed, send identity (e-mail name) as password. Password: 230 Anonymous user logged in. ftp> ls 200 PORT command successful. 150 Opening ASCII mode data connection for /bin/ls.
and then it sits there, apparently forever (I actually let it sit like that for 30 minutes before killing the command prompt) This work just fine from an internal client (of course).
From: Des Plaines, IL
I have published the server, but it looks like I can only access it using passive mode. I've seen some other discussions on this in the message boards, but not a real definite answer on how to get it to work with port commands. Any ideas? We've decided to tell our user that they need to use WSFTP Pro or enable passive mode in IE, but I have some that like to use the command line client (my self included) and would love to get that working.
I just tried going to your FTP server with the command line client and it works fine! Any idea what I might have done wrong publishing mine so it only works with passive mode clients?
I am having the same problem. I have an FTP Server internal, trying to publish it with ISA. I can use cmd from a DNS server in our DMZ, it works fine. I can also use IE 5.5 for the DNS in our DMZ and login, see folders, and upload files. But the end users can not use ftp with Internet Explorer or a command prompt. The login box is displayed, the correct username and password are entered and then the browser or the command line just hangs. Info: FTP SERVER - NT 4.0 SP6 IIS 4.0 ISA - Windows 2000, Firewall Config, SP1 installed DNS Server in DMZ used as ftp clients - NT 4.0 SP6 External Clients - varies Win95,98 Win2000, Win XP with different versions of IE The site is ftp://ftp.lodgistics.com the user is matrix\ftptest ( domain\username convention) and there is no password. When the clients external set Internet Explorer 'Enable folder view for FTP sites' and 'Use Passive FTP (for firewall and DSL modem compatibility)', they could use their browser to access the ftp site. Is it necessary to set up FTP clients as Passive Mode? Have I missed some config in ISA or maybe configed too much? Please help before I have to place the site into the DMZ, I really don't want to do that unless I have to.
You need to make sure you have inbound & outbound rules for the FTP. FTP uses 21 & 20 for data. So you would need to Server rules published. I run my ftp on the ISA server so I haven't actually tested it. But I can make anything work through ISA, even when it comes to hosting from behind it.
RE: Can connect to FTP, but can't ls get or put - 25.Apr.2002 2:37:00 AM
I am having the "exact" same issue. I have published to an FTP server sitting behind ISA. I can log into it but that is all. I have tried PASV and nonPASV. I have tried through the HTTP/FTP bridge setup in Web publishing as well as the straight Server publishing.
If I go through IE it just hangs on Getting Contents of folder. If I go through FlashFXP I get: Connecting to ftp.doeppel.com Connected to ftp.doeppel.com Port 21 220 server Microsoft FTP Service (Version 5.0). USER doeppel\administrator 331 Password required for doeppel\administrator. PASS (hidden) 230-What do you think you are doing trying to hack my server. 230 User doeppel\administrator logged in. SYST 215 Windows_NT version 5.0 PWD 257 "/" is current directory. TYPE A 200 Type set to A. PORT 4,22,97,133,13,73 200 PORT command successful. LIST 150 Opening ASCII mode data connection for /bin/ls.
RE: Can connect to FTP, but can't ls get or put - 25.Apr.2002 7:52:00 PM
One other note, I can access my FTP server from a machine on the internet that is NOT behind another ISA box. So the only difficulty I have is accessing it from a client that is also behind an ISA server. That same client can access other FTP sites no problem. I'm at a loss.