?
Solved

Force FTP through ISA

Posted on 2004-09-28
5
Medium Priority
?
500 Views
Last Modified: 2013-11-29
Hi There,

This one will be complex to explain so I will do my best.

Currently we have a Proxy Server enabled on MS ISA Server. Everything works fine including FTP when the Firewall Client is installed if FTP access is required. However, we have an application provided by our Courier company which uses FTP to send end-of-day transactions. This is installed on one PC only. FTP works fine through FTP client software (eg; CuteFTP), IE FTP Browser etc except through this software.

We currently have to connect this PC to the internet through Dial-Up in order for the courier software to communicate with their server. I have contacted the company who advised that it uses standard FTP settings and that it 'should' work. There are no settings in the software at all! (Thanks for your help!) Anyway...

Is there a way to force FTP traffic or requests through a proxy server?

The Client has dynamically assigned IP settings.

Gateway: 10.10.0.15
Proxy:      10.10.0.14 Port: 8080

I was thinking along the lines of forwarding all FTP traffic from that PC to a port on the ISA Server that then forwards that traffic back to port 21 on the Proxy Server... that's me thinking out load...

Any assistance would be greatly appreciated
0
Comment
Question by:Fernando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 2

Accepted Solution

by:
TeeSeePeeEyePee earned 750 total points
ID: 12177158
One simple answer - could you leave this computer out of the ISA proxy and firewall group and have it hit your Internet gateway directly?  That should do it.

Another possible solution would be to add the target address to the exceptions list in "do not use a proxy for the following domains" under the Advanced tab in the Proxy section of your Internet "Connection" settings.
0
 

Assisted Solution

by:khozemah
khozemah earned 750 total points
ID: 12180273
If your ISA server is in integrated mode than do the following:

On ISA server create a Client address set and include this machine as the member of this group.

Create a Site and content rule and allow all for this client address et.

Create a Protocol rule and allow all for this client address set.

Disable the HTTP redirector on the ISA server so that the SNAT clients does not go thro the web-proxy. Only downsize in this is that all the firewall clients as well as SNAT clients will not be able to use the caching feature of ISA.



0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 12182969
I'm assuming that you do have network knowledge. It seem to me that this might be some problem related with either passive or active ftp. See the link bellow about what the differences are and how to make the configurations on ISA Server (you do know how to open/close ports in isa server, right?).

So the link is http://slacksite.com/other/ftp.html 

Cheers.
0
 
LVL 6

Expert Comment

by:SlyDog
ID: 12197209
You don't need the proxy client to go through ISA if the ISA IP is your gateway. The only time you use proxy client is if your gateway, and the IP to get to the internet are different.
Set the gateway on the FTP box to the internal IP of you ISA server. If you have FTP outbound enabled, it should work.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Suggested Courses

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question