This is what I did to achieve connections to FTP on ports other than 21 using a Client behind an ISA Firewall. I created a Protocol Definition for the IP, with the primary connection set to the Port Number I needed, Protocol Type TCP, and direction outbound, then for secondary connections I create 2 listings, 1 each for inbound and outbound, on port range 1024-65535. Example Protocol Definition to connect to an FTP on port 2323 Protocol Definition Name - FTP - 2323 Primary Connection Port Number = 2323 Primary Connection Protocol = TCP Primary Connection Direction = Outbound Secondary Connection 1 Port Range = 1024 - 65535 Secondary Connection 1 Protocol Type TCP Secondary Connection 1 Direction = Outbound Secondary Connection 2 Port Range = 1024 - 65535 Secondary Connection 2 Protocol Type TCP Secondary Connection 2 Direction = Inbound Then simply adding this Protocol Definition to a Protocol Rule worked sweetly. After doing this, I was able to connect to the non standard FTP port, and use PASV mode for directory listings. (I vaguely remember having issues with PORT mode) This only works if the Firewall Client is installed on the client machine. -----Original Message----- From: Ahmad Jamal [mailto:abobader@xxxxxxxx] Sent: Tuesday, 16 July 2002 06:27 To: [ISAserver.org Discussion List] Subject: [isalist] ftp ports other than 21 http://www.ISAserver.org Any suggestion for this problems, I connect, but it can not go to the folder listing for the ftp server, it give "error: time out". Hi all, When I try to connect to ftp server that have ports number other than 21, I can not get to the folder list, it will die with "time out" error msg. I did protocol definition for tcp/outbound port number, then protocol rules for that ports, and try with and without PASV, same thing, any suggestion or recheck I must do, thanks.