Sounds like a plan gentlemen! I will do that over the weekend. Right now going up to Campus to hang with some of my old Friends. I don't get back up there enough. Thanks for the Answers and help! Joseph -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Thursday, September 16, 2004 7:39 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: FTP in a back to back http://www.ISAserver.org No, ya numnutz... :-} Firewall chaining makes the downstream ISA a firewall client to the upstream ISA. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ----- Original Message ----- From: "josephk" <josephk@xxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Thursday, September 16, 2004 00:20 Subject: [isalist] RE: FTP in a back to back http://www.ISAserver.org Oki dokey, So, I'll load the firewall client on my internal ISA box and then point that to the external ISA machine. That dose make since to me. Or should I implement firewall chaining as a more practical rule? Thank you, Joseph -----Original Message----- From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] Sent: Wednesday, September 15, 2004 10:27 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: FTP in a back to back http://www.ISAserver.org You have to configure the downstream ISA as a firewall client to the upstream ISA or it won't be able to negotiate listeners, etc. This is similar to having ISA behind a "dumb" router/NAT/firewall/cache/bag-o'-chips device where outbound FTP fails because ISA can't negotiate listeners on the upstream device. Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! On Wed, 15 Sep 2004 21:33:52 -0700 "josephk" <josephk@xxxxxxxxx> wrote: http://www.ISAserver.org Hi Thomas, I really like the back to back! However, sometimes the setup for stuff that should be simple seems more complex. Is that what you have found? I want things to be more secure and make sure that if the front end ISA is compromised That the second one will at least hold off until the calve ray arrive. Thank you, Joseph -----Original Message----- From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx] Sent: Wednesday, September 15, 2004 9:29 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: FTP in a back to back http://www.ISAserver.org Hi Joseph, IIRC, it did not work with ISA 2000. I haven't tested it yet with ISA 2004, but I'll give it a go when I get back to my office. Thanks! Tom -----Original Message----- From: josephk [mailto:josephk@xxxxxxxxx] Sent: Monday, September 13, 2004 5:40 PM To: [ISAserver.org Discussion List] Subject: [isalist] FTP in a back to back http://www.ISAserver.org Hi All, Does anyone have any articles about publishing an FTP server in a back to back setup? I have a need to publish an FTP server, not sure if I should put it in the DMZ or if I should put it behind the second firewall. I tried it in the DMZ with all rules 21 - Inbound 20 - Outbound SC 1025 - 5000 outbound SC When accessing the site, it shows adding a document when viewing the folder, then it disappears and the client says that they don't have Permissions to put files there. It works with small text files though but not *.exe or *.are. Thank you, Joseph ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: josephk@xxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx