RE: FTP and tri homed server

  • From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
  • To: "[ Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Fri, 22 Feb 2002 09:55:39 -0600

Hi Phillipe,

I'll have to go back and read that again make sure I haven't confused
myself, but things are a bit more complex.

PORT mode requires:

Inbound: TCP port 21
Outbound: TCP ports >1024

PASV mode requires:

Inbound: TCP port 21
Inbound: TCP ports >1024
Outbound: TCP ports >1024

Here's an article that will show up on TechProGuild in a couple of
weeks. You can see a preview now if you like if you want to understand
the vagaries of the FTP protocol.


-----Original Message-----
From: Philippe [mailto:pmathon@xxxxxxxxxxxxxx] 
Sent: Friday, February 22, 2002 2:37 AM
To: [ Discussion List]
Subject: [isalist] FTP and tri homed server


I red an article from Tom about FTP and a tri homed ISA Server. Tom said
that whan you want to have a FTP Server on a public DMZ, you have to
create two paquet IP filtering: one for the port 21 for the DMZ, and
another one from the port 20 of the FTP Server (if we use a FTP actif
client). But, why create 2 filters, and not only one filter with a
protocol definition with secondary connection ?


You are currently subscribed to this Discussion List as:
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts: