RE: FTP Server Publishing Broke
- From: "Tom Rogers" <trogers@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 20 Jul 2004 21:36:03 -0400
Found the trouble - forgot to make the published server a SecureNAT client.
-Tom
-----Original Message-----
From: Tom Rogers
Sent: Tue 7/20/2004 11:10 AM
To: [ISAserver.org Discussion List]
Cc:
Subject: [isalist] FTP Server Publishing Broke
http://www.ISAserver.org
On an internal IIS 5 server, I have FTP setup. It is NOT an anonymous
FTP, I require the user to have domain credentials to use it.
On the FTProot folder on the IIS box, I only allow READ access to my
users (in IIS 5, FTProot has read, write, log and anonymous is disabled).
I then have a virtual directory for FTP that is named the same as the
username, and give them read, write, log permission in IIS and FULL NTFS rights.
The SYSTEM account has READ NTFS access on the FTProot folder and FULL
NTFS access on the username virtual folder. (In addition to the username having
full access - any other accounts I need?)
I published the server on ISA 2000 and was able to connect and
up/download fine. Then I installed Windows Software Update Services which
installed the IIS lockdown software. Since then I can no longer connect to the
FTP site. So I removed the FTP from that IIS box, and set it up on a different
internal IIS server, the same way. I still cannot connect.
I keep getting this ISA Alert intermittently - "Server publishing rule
[FTP Server] that maps (internal IP):21 TCP to (external IP):21 for protocol
[FTP Server] was applied successfully. This rule previously failed, but now
completed successfully."
On my FTP software (which worked fine before), it says "Connecting to
(external IP):21" then "Connected to (external IP):21" then after 15-20 seconds
it says "Failed to connect to (internet dns name)"
Any ideas? I have stopped the published rule and restarted it, stopped
and restarted the Firewall service, stopped and restarted the entire ISA
service, etc. I can connect to it internally fine. If I VPN in to my network, I
can connect to it fine. I just can no longer connect to FTP from the outside.
Did IIS lockdown software affect ALL internal IIS 5 servers or just the one the
SUS was installed on?
Thanx,
Tom Rogers
Systems Administrator
Schneider Packaging Equipment
315-676-3035 ext 108
315-676-2875 Fax
http://www.schneiderequip.com <http://www.schneiderequip.com/>
mailto:trogers@xxxxxxxxxxxxxxxxxx
"Is all that we see or seem, but a dream within a dream..."
==================================
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
trogers@xxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist < /BLOCKQUOTE>
Other related posts:
