RE: FTP Access problem from internal host to development net behind ISA 2004
- From: "Surago Jones" <surago@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Mon, 10 Oct 2005 19:28:16 +1300
In regards to not seeing anything in the ISA monitor that is denied, I
meant in regards to the FTP access, as with only the 2 Access rules,
there are a heap of denied messages, but they appear to be related to
Windows networking.
________________________________
From: Surago Jones [mailto:surago@xxxxxxxxxxxx]
Sent: Monday, 10 October 2005 19:25
To: [ISAserver.org Discussion List]
Subject: [isalist] FTP Access problem from internal host to development
net behind ISA 2004
http://www.ISAserver.org
HI All,
I have a problem with FTP access, I have configured a virtual network
with VMWare, with an ISA2004 server used to firewall the virtual
network, however I am unable to download from a FTP server on the
virtual network (behind the ISA server), yet I can upload ok.
Here is what I have..
PC1 (Physical Machine)
IP: 192.168.1.65
Mask: 255.255.255.0
GW: 192.168.1.2
PC2 (Virtual Machine, Win2k3, ISA2k4)
Nic1 IP: 192.168.1.20 External Nic Connected to physical lan
Mask: 255.255.255.0
GW: 192.168.1.2
Nic2 IP: 192.168.10.2 Internal Nic Connected to virtual lan
Mask: 255.255.255.0
GW: <blank>
PC3 (Virtual Machine, Win2k3, holds ftp server)
IP: 192.168.10.1
Mask: 255.255.255.0
GW: 192.168.10.2
On PC2 I have setup ISA2004 with a default installation, and it is
configured as an edge firewall. I have configured 2 access rules, one
of which publishes the ftp service on PC3, and a second one that allows
for FTP client access from PC3 to PC1 (This second rule was purely for
testing, I don't need it for the FTP Service.)
PC1 will connect to PC3 via FTP with no problems, I can get the
directory lists, am able to upload files, however I am not able to
download files. (It basically just times out).
Also...
PC3 is able to connect to PC1 via FTP with no problems, I can download
files from PC1, however I can't upload files to PC1, which is
interesting as it appears the network access is the same direction as
the transfers that worked in the previous example.
I have checked in the ISA monitor, and I don't see anything that appears
to be denied.
On a side note, if I open up complete access I am able to use Windows
networking for transferring files across windows shares without any
problems, but still am unable to get FTP to work correctly.
Any suggestions or ideas would be appreciated, as previously I had an
ISA2000 server in place of the ISA2004 server and it worked without any
problems for the network setup.
Cheers.
Surago.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
surago@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
