Re: FTP Data Transfer on ISA

  • From: "Siatkowski, Jason" <jsiatkowski@xxxxxxxxxxxxxx>
  • To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
  • Date: Wed, 22 Aug 2001 16:12:34 -0400

In my situation, my ISA is (hopefully) configured to route FTP requests
directed at it's external NIC to an internal FTP server. It seems to work
fine when connecting, yet the directory listing closes the connection.

-----Original Message-----
From: jay vaughan [mailto:jay@xxxxxxxxxx]
Sent: Wednesday, August 22, 2001 3:50 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: FTP Data Transfer on ISA


http://www.ISAserver.org


>http://www.ISAserver.org
>Have been struggling with this for months and maybe i'm just knee deep and
>can't see the real problem. But here's the deal,
>>From my ISA server I can login to an FTP site succesfully but whenever i
>go to do a directory listing or attempt to get a file the Opening ASCII
>connection prompt open but just sits there and never responds.Now i can
>repeat the same steps from a machine inside my firewall and it will login
>and transfer data and directory listings just fine. Which would tell my my
>proper ports are open. What gives?

Why are you trying to FTP something from your ISA server?

Firewalls should *never* be used for things like this.   To do so, is 
to weaken the security of the one thing that's keeping your network 
safe.

Once you set up a firewall machine, don't use it for production 
purposes.  If your client machines, on your internal protected 
network, can do FTP, then use them for FTP.  Leave your firewall 
alone, stop using it!  :)

But, more than likely, you don't have a packet filter that allows the 
FTP control service (port 20, I think) through for your firewalls 
external interface.

Trust me, though.  Don't use your Firewall machine for things that 
you can use your networked workstations for ...

-- 


j.

--
  jv - Jay Vaughan - seclorum@xxxxxxx - jay@xxxxxxxxxx

  ~... threads rolling, keep the threads rolling ...~

------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jsiatkowski@xxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts: