RE: SecureNAT and PASV FTP

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 12 Jun 2003 22:08:34 -0500

Hi Jim,

That's definitely true. I've only seen the first and second addresses
used, but other people have mentioned that they've seen them go almost
to the bottom of a list of 10 or more addresses.

Tom

Thomas W Shinder
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp

 


-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Thursday, June 12, 2003 9:23 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT and PASV FTP


http://www.ISAserver.org


Apparently not...?
I'm discovering that many things I thought true are actually "sorta".

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!



http://www.ISAserver.org


But Jim, all outbound connections are from the primary address on the
external interface of the ISA Server ;-)

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 



-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] 
Sent: Thursday, June 12, 2003 9:14 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT and PASV FTP


http://www.ISAserver.org


FWIW, this may help; it did for me...
http://support.microsoft.com/default.aspx?scid=kb;en-us;817829

  Jim Harrison
  MCP(NT4, W2K), A+, Network+, PCG
  http://isaserver.org/Jim_Harrison/
  http://isatools.org
  Read the help / books / articles!



http://www.ISAserver.org


Hi Raji,

I would create a Protocol Rule allowing everyone access to the FTP
protocol definition. Remember to NOT use Internet Explorer/Web Proxy
client config, because the Web Proxy service always uses PORT mode.

HTH,
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 



-----Original Message-----
From: Raji Arulambalam [mailto:rajia@xxxxxxxxxxxxxx] 
Sent: Thursday, June 12, 2003 8:14 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT and PASV FTP


http://www.ISAserver.org


Hi Tom

Could you please give me examples of the protocol rules.  I have tried
various settingsbut have had no luck in getting to work.

Thanks

---------------------------------------------
  Raji Arulambalam       
  Systems Administrator          
  Environment Bay of Plenty 
  P O Box 364 Whakatane.
  NEW ZEALAND  
--------------------------------------------


-----Original Message-----
From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxxxxxxxxx]
Sent: Friday, June 13, 2003 12:59 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: SecureNAT and PASV FTP


http://www.ISAserver.org


Hi Raji,

PASV connections work fine for SecureNAT clients. Make sure you have
protocls rules that allow the connection.

HTH,
Tom

Thomas W Shinder 
www.isaserver.org/shinder 
ISA Server and Beyond: http://tinyurl.com/1jq1 
Configuring ISA Server: http://tinyurl.com/1llp 



-----Original Message-----
From: Raji Arulambalam [mailto:rajia@xxxxxxxxxxxxxx] 
Sent: Thursday, June 12, 2003 7:18 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] SecureNAT and PASV FTP


http://www.ISAserver.org


Hi

How can I configure ISA server to allow a SecureNAT client to access a
PASV
FTP server.?? The ftp server is nai.com.
Normal ftp (port) works fine from the SecureNAT server.

Thanks

---------------------------------------------
  Raji Arulambalam       
  Systems Administrator          
  Environment Bay of Plenty 
  P O Box 364 Whakatane.
  NEW ZEALAND  
  Phone: 0800 ENV BOP (0800 368 267) +64 7 922 3390
  Fax:    0800 ENV FAX (0800 368 329) +64 7 922 3393
  http://envbop.govt.nz
--------------------------------------------



Email disclaimer: This email and any attachments are confidential. If
you are not the intended recipient, do not copy, disclose or use the
contents in any way. If you receive this message in error, please let us
know by return email and then destroy the message. Environment Bay of
Plenty is not responsible for any changes made to this message and/or
any attachments after sending.
******************************************************
This e-mail has been checked for viruses and no viruses were detected.

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')

Other related posts:

• » SecureNAT and PASV FTP
• » RE: SecureNAT and PASV FTP
• » RE: SecureNAT and PASV FTP
• » RE: SecureNAT and PASV FTP
• » RE: SecureNAT and PASV FTP
• » RE: SecureNAT and PASV FTP
• » RE: SecureNAT and PASV FTP
• » RE: SecureNAT and PASV FTP
• » RE: SecureNAT and PASV FTP

1. Home
2. isalist
3. Archive
4. 06-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---