RE: FTP in a back to back
- From: vesterby@xxxxxxxx
- To: isalist@xxxxxxxxxxxxx
- Date: Sat, 18 Sep 2004 14:39:35 -0400
I discovered that issue myself through implementing RIS on the same
server as ISA 2004. RIS
requires TFTP, among other things, which is a challenge because it
requires a huge range of upper
ports to be open in order to function correctly. Since we are using the
ISA server only as a proxy
server at this time, I guess that's not a huge deal. If they decide to
actually use it as a firewall, however,
it will be a big deal.
On Fri, 17 Sep 2004 21:32:37 -0500 "Thomas W Shinder"
<tshinder@xxxxxxxxxxx> writes:
> http://www.ISAserver.org
>
> Hi Joseph,
>
> The issue here is that we're not dealing with simple protocols. FTP
> is a
> 'complex" protocol that requires mutliple connections both inbound
> and
> outbound. So any secure firewall implementation isn't going to be
> simple
> :(
>
> HTH,
> Tom
>
> -----Original Message-----
> From: josephk [mailto:josephk@xxxxxxxxx]
> Sent: Wednesday, September 15, 2004 11:34 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: FTP in a back to back
>
> http://www.ISAserver.org
>
> Hi Thomas,
>
> I really like the back to back! However, sometimes the setup for
> stuff
> that should be simple seems more complex.
> Is that what you have found? I want things to be more secure and
> make
> sure that if the front end ISA is compromised That the second one
> will
> at least hold off until the calve ray arrive.
>
> Thank you,
>
> Joseph
>
> -----Original Message-----
> From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
> Sent: Wednesday, September 15, 2004 9:29 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: FTP in a back to back
>
>
> http://www.ISAserver.org
>
> Hi Joseph,
>
> IIRC, it did not work with ISA 2000. I haven't tested it yet with
> ISA
> 2004, but I'll give it a go when I get back to my office.
>
> Thanks!
> Tom
>
> -----Original Message-----
> From: josephk [mailto:josephk@xxxxxxxxx]
> Sent: Monday, September 13, 2004 5:40 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] FTP in a back to back
>
> http://www.ISAserver.org
>
> Hi All,
>
> Does anyone have any articles about publishing an FTP server in a
> back
> to back setup?
>
> I have a need to publish an FTP server, not sure if I should put it
> in
> the DMZ or if I should put it behind the second firewall.
>
> I tried it in the DMZ with all rules
>
> 21 - Inbound
> 20 - Outbound SC
> 1025 - 5000 outbound SC
>
> When accessing the site, it shows adding a document when viewing
> the
> folder, then it disappears and the client says that they don't have
> Permissions to put files there. It works with small text files
> though
> but not *.exe or *.are.
>
> Thank you,
>
________________________________________________________________
Get your name as your email address.
Includes spam protection, 1GB storage, no ads and more
Only $1.99/ month - visit http://www.mysite.com/name today!
Other related posts:
