RE: ftp ports other than 21

This is what I did to achieve connections to FTP on ports other than 21
using a Client behind an ISA Firewall.

I created a Protocol Definition for the IP, with the primary connection set
to the Port Number I needed, Protocol Type TCP, and direction outbound, then
for secondary connections I create 2 listings, 1 each for inbound and
outbound, on port range 1024-65535.

Example Protocol Definition to connect to an FTP on port 2323

Protocol Definition Name - FTP - 2323
Primary Connection Port Number = 2323
Primary Connection Protocol = TCP
Primary Connection Direction = Outbound
Secondary Connection 1 Port Range = 1024 - 65535
Secondary Connection 1 Protocol Type TCP
Secondary Connection 1 Direction = Outbound
Secondary Connection 2 Port Range = 1024 - 65535
Secondary Connection 2 Protocol Type TCP
Secondary Connection 2 Direction = Inbound

Then simply adding this Protocol Definition to a Protocol Rule worked
sweetly.

After doing this, I was able to connect to the non standard FTP port, and
use PASV mode for directory listings.  (I vaguely remember having issues
with PORT mode)

This only works if the Firewall Client is installed on the client machine.



-----Original Message-----
From: Ahmad Jamal [mailto:abobader@xxxxxxxx]
Sent: Tuesday, 16 July 2002 06:27
To: [ISAserver.org Discussion List]
Subject: [isalist] ftp ports other than 21

http://www.ISAserver.org
Any suggestion for this problems, I connect, but it can not go to the folder
listing for the ftp server, it give "error: time out".

Hi all,

When I try to connect to ftp server that have ports number other than 21, I
can not get to the folder list, it will die with "time out" error msg.

I did protocol definition for tcp/outbound port number, then protocol rules
for that ports, and try with and without PASV, same thing, any suggestion or
recheck I must do, thanks.

Other related posts: