I discovered that issue myself through implementing RIS on the same server as ISA 2004. RIS requires TFTP, among other things, which is a challenge because it requires a huge range of upper ports to be open in order to function correctly. Since we are using the ISA server only as a proxy server at this time, I guess that's not a huge deal. If they decide to actually use it as a firewall, however, it will be a big deal. On Fri, 17 Sep 2004 21:32:37 -0500 "Thomas W Shinder" <tshinder@xxxxxxxxxxx> writes: > http://www.ISAserver.org > > Hi Joseph, > > The issue here is that we're not dealing with simple protocols. FTP > is a > 'complex" protocol that requires mutliple connections both inbound > and > outbound. So any secure firewall implementation isn't going to be > simple > :( > > HTH, > Tom > > -----Original Message----- > From: josephk [mailto:josephk@xxxxxxxxx] > Sent: Wednesday, September 15, 2004 11:34 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: FTP in a back to back > > http://www.ISAserver.org > > Hi Thomas, > > I really like the back to back! However, sometimes the setup for > stuff > that should be simple seems more complex. > Is that what you have found? I want things to be more secure and > make > sure that if the front end ISA is compromised That the second one > will > at least hold off until the calve ray arrive. > > Thank you, > > Joseph > > -----Original Message----- > From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] > Sent: Wednesday, September 15, 2004 9:29 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] RE: FTP in a back to back > > > http://www.ISAserver.org > > Hi Joseph, > > IIRC, it did not work with ISA 2000. I haven't tested it yet with > ISA > 2004, but I'll give it a go when I get back to my office. > > Thanks! > Tom > > -----Original Message----- > From: josephk [mailto:josephk@xxxxxxxxx] > Sent: Monday, September 13, 2004 5:40 PM > To: [ISAserver.org Discussion List] > Subject: [isalist] FTP in a back to back > > http://www.ISAserver.org > > Hi All, > > Does anyone have any articles about publishing an FTP server in a > back > to back setup? > > I have a need to publish an FTP server, not sure if I should put it > in > the DMZ or if I should put it behind the second firewall. > > I tried it in the DMZ with all rules > > 21 - Inbound > 20 - Outbound SC > 1025 - 5000 outbound SC > > When accessing the site, it shows adding a document when viewing > the > folder, then it disappears and the client says that they don't have > Permissions to put files there. It works with small text files > though > but not *.exe or *.are. > > Thank you, > ________________________________________________________________ Get your name as your email address. Includes spam protection, 1GB storage, no ads and more Only $1.99/ month - visit http://www.mysite.com/name today!