I am running ISA Server in Integrated mode with the clients (Windows 2000) running the Firewall client. The clients and the Server are unable to use the command prompt or IE to FTP to a remote site. I have the following IP Packet Filters enabled: FTP 20 In CustomFilter (TCP/Inbound/All Ports/Remote Port/Fixed/20/Default IP Address On External Interface/All Remote Computers); FTP 20 Out CustomFilter (TCP/Outbound/Fixed Port/20/Remote Port/All Ports/Default IP Address On External Interface/All Remote Computers); FTP 21 In CustomFilter (TCP/Inbound/Fixed Port/21/Remote Port/All Ports/Default IP Address On External Interface/All Remote Computers); FTP 21 Out CustomFilter (TCP/Outbound/All Ports/Remote Port/Fixed Port/21/Default IP Address On External Interface/All Remote Computers). In Protocol Rules, I have a rule called FTP (Enabled, Allow, FTP/FTP Download Only,FTP Server, Always, Any Request). In Site and Content Rules, I have a rule FTP (Enabled, All External Destinations, Always, Allowed, Any Requests, All Content Groups). When I use the command prompt from any client I get "Host is unreachable", yet I can ping the host and I know the ftp server is running (I can access the server via a separate dial-up connection). If I disable the Firewall Client and use the command prompt, I get a message "Connected to xxx.xxx.xxx.xxx" followed by "Connection closed by remote host". This is the first time setting this up in ISA Server and I am thouroughly confused. BTW, web browsing is fine. Any help would be appreciated! Thank you for your time.
I must be dense for the life of me my I can't get clients to access ftp sites with ISA enabled, i get as far as the login and than I get a time out, FTP from the server is fine. I was under the impression that FTP is allowed by default???
I do have a protocol rule to allow ftp, I am successfull to login but with the firewall client enabled the list command doesn't list the contents of the folder & just times out. Everything is fine with the client being disabled.
Now I think I know why the client is able to disable the fiirewall very easily. lol
are you saying that a SecureNAT client can succesfully connect to the external FTP server (login, directory list, download and upload files) and a Firewall client not? That's very weird because usually it is the way around!
Have you already checked the ISA logs to see what is actual happening?
I am having massive troubles in accessing FTP sites with my FW Client. I have enables Secure Nat, Proxy Client and FW client but i try to access a FTP site through IE i can log in but then it times out when retrieving the contents. PLEASE HELP :-)