Solved

Force FTP through ISA

Posted on 2004-09-28
5
469 Views
Last Modified: 2013-11-29
Hi There,

This one will be complex to explain so I will do my best.

Currently we have a Proxy Server enabled on MS ISA Server. Everything works fine including FTP when the Firewall Client is installed if FTP access is required. However, we have an application provided by our Courier company which uses FTP to send end-of-day transactions. This is installed on one PC only. FTP works fine through FTP client software (eg; CuteFTP), IE FTP Browser etc except through this software.

We currently have to connect this PC to the internet through Dial-Up in order for the courier software to communicate with their server. I have contacted the company who advised that it uses standard FTP settings and that it 'should' work. There are no settings in the software at all! (Thanks for your help!) Anyway...

Is there a way to force FTP traffic or requests through a proxy server?

The Client has dynamically assigned IP settings.

Gateway: 10.10.0.15
Proxy:      10.10.0.14 Port: 8080

I was thinking along the lines of forwarding all FTP traffic from that PC to a port on the ISA Server that then forwards that traffic back to port 21 on the Proxy Server... that's me thinking out load...

Any assistance would be greatly appreciated
0
Comment
Question by:Fernando
5 Comments
 
LVL 2

Accepted Solution

by:
TeeSeePeeEyePee earned 250 total points
ID: 12177158
One simple answer - could you leave this computer out of the ISA proxy and firewall group and have it hit your Internet gateway directly?  That should do it.

Another possible solution would be to add the target address to the exceptions list in "do not use a proxy for the following domains" under the Advanced tab in the Proxy section of your Internet "Connection" settings.
0
 

Assisted Solution

by:khozemah
khozemah earned 250 total points
ID: 12180273
If your ISA server is in integrated mode than do the following:

On ISA server create a Client address set and include this machine as the member of this group.

Create a Site and content rule and allow all for this client address et.

Create a Protocol rule and allow all for this client address set.

Disable the HTTP redirector on the ISA server so that the SNAT clients does not go thro the web-proxy. Only downsize in this is that all the firewall clients as well as SNAT clients will not be able to use the caching feature of ISA.



0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 12182969
I'm assuming that you do have network knowledge. It seem to me that this might be some problem related with either passive or active ftp. See the link bellow about what the differences are and how to make the configurations on ISA Server (you do know how to open/close ports in isa server, right?).

So the link is http://slacksite.com/other/ftp.html

Cheers.
0
 
LVL 6

Expert Comment

by:SlyDog
ID: 12197209
You don't need the proxy client to go through ISA if the ISA IP is your gateway. The only time you use proxy client is if your gateway, and the IP to get to the internet are different.
Set the gateway on the FTP box to the internal IP of you ISA server. If you have FTP outbound enabled, it should work.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Let’s list some of the technologies that enable smooth teleworking. 
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now