FTP Server Publishing Broke

• From: "Tom Rogers" <trogers@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 20 Jul 2004 11:10:52 -0400

On an internal IIS 5 server, I have FTP setup. It is NOT an anonymous FTP, I 
require the user to have domain credentials to use it.
 
On the FTProot folder on the IIS box, I only allow READ access to my users (in 
IIS 5, FTProot has read, write, log and anonymous is disabled).
 
I then have a virtual directory for FTP that is named the same as the username, 
and give them read, write, log permission in IIS and FULL NTFS rights.
 
The SYSTEM account has READ NTFS access on the FTProot folder and FULL NTFS 
access on the username virtual folder. (In addition to the username having full 
access - any other accounts I need?)
 
I published the server on ISA 2000 and was able to connect and up/download 
fine. Then I installed Windows Software Update Services which installed the IIS 
lockdown software. Since then I can no longer connect to the FTP site. So I 
removed the FTP from that IIS box, and set it up on a different internal IIS 
server, the same way. I still cannot connect.
 
I keep getting this ISA Alert intermittently - "Server publishing rule [FTP 
Server] that maps (internal IP):21 TCP to (external IP):21 for protocol [FTP 
Server] was applied successfully. This rule previously failed, but now 
completed successfully."
 
On my FTP software (which worked fine before), it says "Connecting to (external 
IP):21" then "Connected to (external IP):21" then after 15-20 seconds it says 
"Failed to connect to (internet dns name)"
 
Any ideas? I have stopped the published rule and restarted it, stopped and 
restarted the Firewall service, stopped and restarted the entire ISA service, 
etc. I can connect to it internally fine. If I VPN in to my network, I can 
connect to it fine. I just can no longer connect to FTP from the outside. Did 
IIS lockdown software affect ALL internal IIS 5 servers or just the one the SUS 
was installed on?
 
Thanx,
 
Tom Rogers
Systems Administrator  

Schneider Packaging Equipment 
315-676-3035 ext 108 
315-676-2875 Fax 
 <http://www.schneiderequip.com/> http://www.schneiderequip.com 

mailto:trogers@xxxxxxxxxxxxxxxxxx 

"Is all that we see or seem, but a dream within a dream..." 

==================================

 

Other related posts:

• » FTP Server Publishing Broke
• » RE: FTP Server Publishing Broke
• » RE: FTP Server Publishing Broke

1. Home
2. isalist
3. Archive
4. 07-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---