Important FTP info from the Web Boards

• From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: <isalist@xxxxxxxxxxxxx>
• Date: Wed, 3 Oct 2001 09:25:59 -0500

Junior Member 


Posts: 11
Registered: Sep 2001 

  <http://www.isaserver.org/ubb/icons/icon3.gif> posted 02 October 2001
18:33
<http://www.isaserver.org/cgi-bin/ubbmisc.cgi?action=getbio&UserName=Jez
> Click Here to See the Profile for Jez
<http://www.isaserver.org/cgi-bin/postings.cgi?action=editpost&forum=Ser
ver+Publishing+Issues&number=6&topic=000262.cgi&ReplyNum=000000&TopicSub
ject=Fix+for+FTP+problem+|QUT|cant+get+directory+listing|QUT|>
Edit/Delete Message
<http://www.isaserver.org/cgi-bin/postings.cgi?action=reply&forum=Server
+Publishing+Issues&number=6&topic=000262.cgi&TopicSubject=Fix+for+FTP+pr
oblem+|QUT|cant+get+directory+listing|QUT|&replyto=0> Reply w/Quote 
  _____  

This relates to the following problems:
1. Can login, but cant get directory listing (usually a "data connection
closed" error"
2. Can only get directory listing in active mode when using IIS on port
21 with server publishing (NOT web publishing) 

This is a known issue by Microsoft which we are experiencing on over 80
ftp sites. It is NOTHING to do with other checkpoint of other firewall
products, its an ISA problem. 


This will be fixed in SP1 (due out Q1 of 2001). However, if you (like
us) have no other solution available, then then beta is out end of next
week which should contain the fix. You must register to be on the beta
SP1 list though. 


Anyway, below is the Q article (no, you will not find this on the
microsoft site, as its a beta post):- 


This is the draft of article Q301575. 


------------------------------------------------------------------------
-------
The information in this article applies to: 


- Microsoft Internet Security and Acceleration Server 2000 
------------------------------------------------------------------------
------- 


SYMPTOMS
======== 


Clients behind firewalls may not be able to download files from a FTP
server that is:
1: Server published by an ISA server and
2: on an IP address that is not the Primary IP. 


This is a FTP problem with ISA doing Server publishing for a FTP server.
ISA has multiple IP addresses on the external interface and using the
second (non
default) ip for publishing the FTP server. When the client makes a PORT
request and provides a IP and port to connect to, the ISA creates a
secondary connection using the default IP address. This is rejected by
firewalls, including ISA... (If the client was behind its own ISA).
Clients directly connected to the internet do not seem to have this
problem. 


In the attached trace, the client is 63.10.70.116 FTP is published on:
209.125.253.232 The primary address on ISA is 209.125.253.230 Frame 111
contains the PORT request from the client Frame 127 shows ISA trying to
connect using the wrong IP address (209.125.253.230). 


>JEREMY: THIS BIT IS NOT CORRECT, THE FIX IS NOT AVAILABLE UNTIL SP1 (or
at least beta sp1) 


RESOLUTION
========== 


A supported fix is now available from Microsoft, but it is only intended
to correct the problem described in this article and should be applied
only to systems experiencing this specific problem. This fix may receive
additional testing at a later time, to further ensure product quality.
Therefore, if you are not severely affected by this problem, Microsoft
recommends that you wait for the next Product Name service pack that
contains this fix. 


To resolve this problem immediately, contact Microsoft Product Support
Services to obtain the fix. For a complete list of Microsoft Product
Support Services phone numbers and information about support costs,
please go to the following address on the World Wide Web:
http://support.microsoft.com/directory/overview.asp
<http://support.microsoft.com/directory/overview.asp>  


NOTE: In special cases, charges that are normally incurred for support
calls may be canceled, if a Microsoft Support Professional determines
that a specific update will resolve your problem. Normal support costs
will apply to additional support questions and issues that do not
qualify for the specific update in question. 


The English version of this fix should have the following file
attributes or
later: 


Date Time Version Size File name Platform
------------------------------------------------------------- 


Well, sorry cant be of more help, but at least you know its nothing
youve done! 


If anyone does have a way around this please let me know, so I can pass
the information directory to the beta team (we have close contact with
the at the moment!). 


isajez@xxxxxxxxxxxxxxxxx 


[This message has been edited by Jez (edited 03 October 2001).]

Other related posts:

• » Important FTP info from the Web Boards
• » RE: Important FTP info from the Web Boards

1. Home
2. isalist
3. Archive
4. 10-2001

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---