I have an ISA 2000 server as a backend firewall in an extended network. The ISA server is a stand-alone server in its own subnet. Authentication through the firewall is accomplished by local user accounts on the ISA server. Users needing internet access are web proxy clients only. Users that are within the LAN, but belong to different domains, can connect to external FTP sites after the firewall client is installed on their machines. My problem is that users in downstream subnets, and by that I mean at the other end of a privately managed VPN cloud, receive HTTP 502 proxy errors, even though they have the firewall client installed on their machines. These users can browse the internet, and they can resolve the IP address of the FTP site, so I don't think it's a DNS issue. It doesn't matter if they use the Microsoft FTP client or a third-party client; they still get error messages. We have already tried passive and active FTP along with folder lists. I've tried them as SecureNAT clients and as firewall clients only. I am at my wits' end trying to figure this one out. Why does it work in the LAN but not across the WAN? All sites are contiguous subnets.

