RE: FTP and tri homed server

Hi Phillipe,

I'll have to go back and read that again make sure I haven't confused
myself, but things are a bit more complex.

PORT mode requires:

Inbound: TCP port 21
Outbound: TCP ports >1024

PASV mode requires:

Inbound: TCP port 21
Inbound: TCP ports >1024
Outbound: TCP ports >1024

Here's an article that will show up on TechProGuild in a couple of
weeks. You can see a preview now if you like if you want to understand
the vagaries of the FTP protocol.

http://www.tacteam.net/isaserverorg/ftp_dmz.htm


HTH,
Tom
www.isaserver.org/shinder


-----Original Message-----
From: Philippe [mailto:pmathon@xxxxxxxxxxxxxx] 
Sent: Friday, February 22, 2002 2:37 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] FTP and tri homed server

http://www.ISAserver.org


Hi,

I red an article from Tom about FTP and a tri homed ISA Server. Tom said
that whan you want to have a FTP Server on a public DMZ, you have to
create two paquet IP filtering: one for the port 21 for the DMZ, and
another one from the port 20 of the FTP Server (if we use a FTP actif
client). But, why create 2 filters, and not only one filter with a
protocol definition with secondary connection ?

thanks.

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


Other related posts: