RE: FTP in active mode behind a firewall

• From: stephane.lechopier@xxxxxxxxxxxxxxxx
• To: isalist@xxxxxxxxxxxxx
• Date: Mon, 3 Mar 2003 17:49:37 +0100

ISA is behind 2 firewalls which are redondant (one master and one backup)

It's possible that the firewall configuration is bad.
In this case the whole first firewall must be full master and the other one
full backup. But it appears that they are hybrid.
Does the 'ls' or 'dir' command use a different port than a 'status' or 'pwd'
or else ??


-----Message d'origine-----
De : Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxx]
Envoyé : Monday, March 03, 2003 5:28 PM
À : [ISAserver.org Discussion List]
Objet : [isalist] RE: FTP in active mode behind a firewall


http://www.ISAserver.org


Hi stf,

to give internal clients behind ISA server outbound FTP access on the
standard FTP port number (TCP port 21), don't create packet filters! Just
make sure the FTP application is enabled and the FTP protocol is allowed in
a protocol rule. It's that simple.

If I remember well from your previous message, ISA is behind another
firewall. Or you sure that one is configured correctly?

HTH,
Stefaan

-----Original Message-----
From: stf [mailto:stephane.lechopier@xxxxxxxxxxxxxxxx]
Sent: maandag 3 maart 2003 17:19
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: FTP in active mode behind a firewall


http://www.ISAserver.org


Thanks for your answer.

I already had a look on this article and I use it to create new packet
filters.

I have also created a protocol definition FTP custom which uses port 2121
with 2 secondary connections.(0 for inbound and 1025 to 65534 for
outbound)

but it was unsuccessfull.

so I don't understand !
Do I have some changes to do on my firewall ??
or did I forget some parameters on ISA ??

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
stefaan.pouseele@xxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Exchange Server Resource Site: http://www.msexchange.org/
Windows Security Resource Site: http://www.windowsecurity.com/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
stephane.lechopier@xxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » FTP in active mode behind a firewall
• » RE: FTP in active mode behind a firewall
• » RE: FTP in active mode behind a firewall
• » RE: FTP in active mode behind a firewall
• » RE: FTP in active mode behind a firewall
• » RE: FTP in active mode behind a firewall

1. Home
2. isalist
3. Archive
4. 03-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---