ISA is behind 2 firewalls which are redondant (one master and one backup) It's possible that the firewall configuration is bad. In this case the whole first firewall must be full master and the other one full backup. But it appears that they are hybrid. Does the 'ls' or 'dir' command use a different port than a 'status' or 'pwd' or else ?? -----Message d'origine----- De : Stefaan Pouseele [mailto:stefaan.pouseele@xxxxxxx] Envoyé : Monday, March 03, 2003 5:28 PM À : [ISAserver.org Discussion List] Objet : [isalist] RE: FTP in active mode behind a firewall http://www.ISAserver.org Hi stf, to give internal clients behind ISA server outbound FTP access on the standard FTP port number (TCP port 21), don't create packet filters! Just make sure the FTP application is enabled and the FTP protocol is allowed in a protocol rule. It's that simple. If I remember well from your previous message, ISA is behind another firewall. Or you sure that one is configured correctly? HTH, Stefaan -----Original Message----- From: stf [mailto:stephane.lechopier@xxxxxxxxxxxxxxxx] Sent: maandag 3 maart 2003 17:19 To: [ISAserver.org Discussion List] Subject: [isalist] RE: FTP in active mode behind a firewall http://www.ISAserver.org Thanks for your answer. I already had a look on this article and I use it to create new packet filters. I have also created a protocol definition FTP custom which uses port 2121 with 2 secondary connections.(0 for inbound and 1025 to 65534 for outbound) but it was unsuccessfull. so I don't understand ! Do I have some changes to do on my firewall ?? or did I forget some parameters on ISA ?? ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: stefaan.pouseele@xxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Exchange Server Resource Site: http://www.msexchange.org/ Windows Security Resource Site: http://www.windowsecurity.com/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: stephane.lechopier@xxxxxxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')