http://www.ISAserver.org ------------------------------------------------------- Got it. I didn't think that was supported. Thomas W Shinder, M.D. Site: www.isaserver.org Blog: http://blogs.isaserver.org/shinder/ Book: http://tinyurl.com/3xqb7 MVP -- ISA Firewalls > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > Sent: Wednesday, March 22, 2006 3:27 PM > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: [ISAserver.org Discussion List] FTP Servers > > http://www.ISAserver.org > ------------------------------------------------------- > > Intended to support FWC-based publishing a la Proxy 2.. > > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > -----Original Message----- > From: isalist-bounce@xxxxxxxxxxxxx > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder > Sent: Wednesday, March 22, 2006 11:31 > To: isalist@xxxxxxxxxxxxx > Subject: [isalist] Re: [ISAserver.org Discussion List] FTP Servers > > http://www.ISAserver.org > ------------------------------------------------------- > > Yep, you're right again, working man. > > I just tested it. I wonder why they allow this to be an option? > > Thomas W Shinder, M.D. > Site: www.isaserver.org > Blog: http://blogs.isaserver.org/shinder/ > Book: http://tinyurl.com/3xqb7 > MVP -- ISA Firewalls > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Jim Harrison > > Sent: Wednesday, March 22, 2006 1:20 PM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: [ISAserver.org Discussion List] FTP Servers > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > You *can* use "server" protocols in access rules, but the > won't allow > > traffic from the internal to the external net. > > I seriously doubt that Andy has tested this with any reasonable > > process. > > > > ------------------------------------------------------- > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://isaserver.org/Jim_Harrison/ > > http://isatools.org > > Read the help / books / articles! > > ------------------------------------------------------- > > > > > > -----Original Message----- > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder > > Sent: Wednesday, March 22, 2006 11:09 > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: [ISAserver.org Discussion List] FTP Servers > > > > Dude, > > 'preciate ya, but I don't think that can happen. You can use Server > > PDs in an Access Rule, so unless something is more whack than what > > meets the eye, traces are still in order. > > > > Thomas W Shinder, M.D. > > Site: www.isaserver.org <http://www.isaserver.org/> > > Blog: http://blogs.isaserver.org/shinder/ > > Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP > > -- ISA Firewalls > > > > > > > > > > ________________________________ > > > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat > > Sent: Wednesday, March 22, 2006 1:02 PM > > To: ISA Mailing List > > Subject: [isalist] Re: [ISAserver.org Discussion List] > FTP Servers > > > > > > > > That's OK...I'll keep you and Jim on the right track...J > > > > > > > > ________________________________ > > > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Thomas W Shinder > > Sent: Wednesday, March 22, 2006 3:02 PM > > To: ISA Mailing List > > Subject: [isalist] Re: [ISAserver.org Discussion List] > > FTP Servers > > > > > > > > LOL! I didn't even notice that, it got lost in the noise :)) > > > > > > > > Thomas W Shinder, M.D. > > Site: www.isaserver.org <http://www.isaserver.org/> > > Blog: http://blogs.isaserver.org/shinder/ > > Book: http://tinyurl.com/3xqb7 > > MVP -- ISA Firewalls > > > > > > > > > > > > ________________________________ > > > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Steve Moffat > > Sent: Wednesday, March 22, 2006 12:57 PM > > To: ISA Mailing List > > Subject: [isalist] Re: [ISAserver.org > > Discussion List] FTP Servers > > > > You are such a complete ass Andrew....the > > server protocol is for publishing your own FTP servers. You > > want to allow the FTP protocol. > > > > > > > > S > > > > > > > > ________________________________ > > > > From: isalist-bounce@xxxxxxxxxxxxx > > [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew English > > Sent: Wednesday, March 22, 2006 3:04 PM > > To: ISA Mailing List > > Subject: RE: [isalist] Re: [ISAserver.org > > Discussion List] FTP Servers > > > > > > > > Jim, > > > > > > > > None of the workstations use the web proxy, or > > firewall client software of ISA 2004. They use Secure NAT, > > they are going out through ISA like if you had a dummy > > Linksys cable DSL router. > > > > > > > > Example: > > > > > > > > ISA is on 192.168.1.1 > > > > > > > > GW: for all clients on the DHCP server is > > 192.168.1.1, again there is no web proxy setup and no > > firewall client ware installed. > > > > > > > > Secondly what I meant in my other comment which > > you are so egger to twist around is that I have not tampered > > with the default firewall settings of ISA, yes I have added > > my own rules to the system, but if you look at the default > > core settings for ICMP, etc they have all been left alone. > > > > > > > > Now are you going to keep acting this way if I > > say, you know Jim I installed a new ISA server that only had > > two rules in it, one for the FTP server to the outside using > > the default FTP Server protocol, and the other which is the > > default DENY rule that ISA creates? Are you going to blame on > > the web proxy or firewall client if neither are installed or > > being used? > > > > > > > > Lets be realistic here, if you don't know the > > answer why ISA out of the box with two rules in it won't > > connect to FTP servers that don't use passive mode why make a > > fuss of it? Why not ask Bill to loan you one his boxes, > > install ISA 2004, email me for a couple test accounts and go > > to town, then say geez you know there is a bug or maybe > > Microsoft doesn't care? You have the time and certainly the > > money to investigate it further, than I do yet you keep > > hounding people to show you more evidence before you will get > > off your dairy air and do something.. ;) > > > > > > > > Regards, > > > > Andrew > > > > > > > > ________________________________ > > > > From: isalist-bounce@xxxxxxxxxxxxx on behalf of > > Jim Harrison > > Sent: Wed 22/03/2006 12:33 PM > > To: isalist@xxxxxxxxxxxxx > > Subject: [isalist] Re: [ISAserver.org > > Discussion List] FTP Servers > > > > http://www.ISAserver.org > > ------------------------------------------------------- > > > > No - you said: > > "I seem to only be able to get access to FTP > > servers using PASV modem on my workstations that are setup > > under secure NAT". > > This leaves the failing case hanging somewhere > > between web proxy and firewall clients. > > You also stated: > > "..I have had to reinstall ISA 2004.." and > > "Nothing on the ISA configuration level has been modified or > > changed", which are just a bit contradictory. > > > > You haven't given anyone anything to work from, like: > > - client errors > > - ISA logs > > - captures > > > > If the problem is important enough to involve > > an entire list, its important enough to provide something > > more than conjecture and contradiction. > > > > There are a great many FTP servers that > > disallow active mode; and with good reason. > > > > ------------------------------------------------------- > > Jim Harrison > > MCP(NT4, W2K), A+, Network+, PCG > > http://isaserver.org/Jim_Harrison/ > > http://isatools.org > > Read the help / books / articles! > > ------------------------------------------------------- > > > > > > All mail to and from this domain is GFI-scanned. > > > > ------------------------------------------------------ > > List Archives: //www.freelists.org/archives/isalist/ > > ISA Server Newsletter: > http://www.isaserver.org/pages/newsletter.asp > > ISA Server Articles and Tutorials: > > http://www.isaserver.org/articles_tutorials/ > > ISA Server Blogs: http://blogs.isaserver.org/ > > ------------------------------------------------------ > > Visit TechGenix.com for more information about our other sites: > > http://www.techgenix.com > > ------------------------------------------------------ > > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > > Report abuse to listadmin@xxxxxxxxxxxxx > > > > > > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > All mail to and from this domain is GFI-scanned. > > ------------------------------------------------------ > List Archives: //www.freelists.org/archives/isalist/ > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server Articles and Tutorials: > http://www.isaserver.org/articles_tutorials/ > ISA Server Blogs: http://blogs.isaserver.org/ > ------------------------------------------------------ > Visit TechGenix.com for more information about our other sites: > http://www.techgenix.com > ------------------------------------------------------ > To unsubscribe visit http://www.isaserver.org/pages/isalist.asp > Report abuse to listadmin@xxxxxxxxxxxxx > > > ------------------------------------------------------ List Archives: //www.freelists.org/archives/isalist/ ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server Articles and Tutorials: http://www.isaserver.org/articles_tutorials/ ISA Server Blogs: http://blogs.isaserver.org/ ------------------------------------------------------ Visit TechGenix.com for more information about our other sites: http://www.techgenix.com ------------------------------------------------------ To unsubscribe visit http://www.isaserver.org/pages/isalist.asp Report abuse to listadmin@xxxxxxxxxxxxx