[isapros] Re: FTPS / Secondary Connections
- From: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- To: <isapros@xxxxxxxxxxxxx>
- Date: Sat, 12 Apr 2008 11:15:38 -0700
Thanks Stefaan! I'll give 'er a whirl.
t
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Stefaan Pouseele
Sent: Saturday, April 12, 2008 3:15 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: FTPS / Secondary Connections
Hi Thor,
For outbound FTPS access, check out
http://blogs.isaserver.org/pouseele/2006/10/08/solving-the-secure-ftp-di
lemma-with-isa-server-2004-and-2006/.
For inbound FTPS access, check out
http://www.isaserver.org/tutorials/Publishing-Secure-FTP-Servers.html.
Though not officially supported by MSFT, FTPS seems to work for a lot of
ISA users. ;-)
HTH,
Stefaan
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx]
On Behalf Of Thor (Hammer of God)
Sent: vrijdag 11 april 2008 23:14
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] FTPS / Secondary Connections
So, you can't publish IIS7 FTPS through ISA because the FTP Access
filter gives an Access Denied as soon as one tries an AUTH SSL
(obviously). Since the FTP Access filter is responsible for dynamically
configuring/allowing secondary port access, you can't turn it off
either.
So, if once makes their own protocol to specify FTPS (TCP 21 inbound,
not 991 btw) with a large secondary outbound connection range, ISA fails
with a "unknown protocol" on the outbound secondary connection.
Is there some magic to making ISA recognize secondary outbound
connections for PASV FTP connection within the publishing rule?
t
Other related posts:
