I have a couple of things to note here 1) If Firewall Client is installed, but disabled, I've noticed IE do strange things. I use VPN's to different sites, and if I have a VPN active, I have to disable FWC otherwise traffic doesn't route properly. Disabling FWC stopped me being able to browse the internet in IE. It seems that IE ignores the proxy settings when it feels like it. Firefox, however quite happily lets me browse the internet while a VPN is active. 2) I had a problem with a third party application that wouldn't use FTP properly. It was part of an auto update sequence for some marketing software. I could FTP to their site from DOS, but their auto update wouldn't work. I traced this to the user not being able to use port 20 which is used for active FTP communication along side port 21. I created a protocol for port 20 and gave the users access to it, and hey presto, it worked. Regards, Steve Steve Lunn - PC & Network Support Microsoft MCP DDI: 01423 855101 Fax: 01423 855181 _____ From: Dijk, Sebastian van [mailto:sebastian.van.dijk@xxxxxxxxxx] Sent: 22 February 2005 08:13 To: [ISAserver.org Discussion List] Subject: [isalist] RE: outgoing client ftp problem through isa 2000 http://www.ISAserver.org Hey Guys, I am still having this weird problem : When firewall client is enabled : FTP works from internet explorer When firewall client is disabled : FTP does not work from internet explorer Help ! :-) _____ Van: Dijk, Sebastian van Verzonden: maandag 27 december 2004 10:30 Aan: [ISAserver.org Discussion List] Onderwerp: [isalist] outgoing client ftp problem through isa 2000 http://www.ISAserver.org Server : 2003, ISA 2000 including all service packs Clients : Windows XP, no firewall enabled. I am trying but failing in giving users rights for the FTP Protocol, to access FTP Servers. What is the situation : Client Machines with internet explorer proxy settings enabled, all at port 8080. Clients have a default gateway pointing to the ISA server (ISA 2000) On the ISA server, i made a new protocol definition : "ftp outbound" port 21, outbound. No secondary connections. A new protocol rule is made, groups are allowed to used this FTP OUTBOUND protocol definition. Outgoing web requests : "Same listener for all internal IP Addresses", tcp port 8080 and integrated authentication is used. "Ask unauthenticated users for authentication" is turned off, this is because we have a small application running that can't be used with the firewall client, so it needs just a securenat configuration. The FTP Access filter is enabled. The problem : 1. User's can not access ftp sites, i've set the "passive ftp" option in Internet Explorer but it just won't work. I tried to set the proxy port in Internet Explorer to 21 in stead of 8080. No result. 2. Then i tried to install the firewall client, now client CAN use FTP connections. But i want only the Internet Explorer proxy settings to be used. Has anyone a clue why my FTP setup won't work without firewall client enabled ?? Thanks in advance, Sebastian van Dijk ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: sebastian.van.dijk@xxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: steve.lunn@xxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx Homeowners Group consists of Homeowners Friendly Society Limited (HFSL), Registered and Incorporated under the Friendly Societies Act 1992, Reg. No. 964F, Homeowners Investment Fund Managers Limited (HIFML), Reg. No. 3224780, Homeowners Financial Administration Limited (HFAL), Reg. No. 4301736, Homeowners Membership Services Limited (HMSL), Reg. No. 3091667 and UK Friendly Insurance Services Limited (UKFISL), Reg. No. 3088162, all registered at Hornbeam Park Avenue, Harrogate. HG2 8XE. Tel: 01423 855000 Web: http://www.homeowners.co.uk HFSL and HIFML are both authorised and regulated by the Financial Services Authority (FSA). HFSL's FSA Register no. is 110072, HIFML's FSA Register no. is 181487. You can check this on the FSA's Register by visiting the FSA's website http://www.fsa.gov.uk/register or by contacting the FSA on 0845 606 1234 HFAL, HMSL and UKFISL are non-regulated limited companies. United Kingdom Civil Service Benefit Society (UKCSBS) and United Kingdom Armed Forces Benefit Society (UKAFBS) are trading styles of Homeowners Friendly Society Limited This e-mail is intended only for the person named as recipient. The contents are confidential. If you are not the intended recipient of this e-mail, please notify us as soon as possible and delete it. If you are not the intended recipient of the e-mail, any use by you is prohibited.