Solved

Force FTP through ISA

Posted on 2004-09-28
5
493 Views
Last Modified: 2013-11-29
Hi There,

This one will be complex to explain so I will do my best.

Currently we have a Proxy Server enabled on MS ISA Server. Everything works fine including FTP when the Firewall Client is installed if FTP access is required. However, we have an application provided by our Courier company which uses FTP to send end-of-day transactions. This is installed on one PC only. FTP works fine through FTP client software (eg; CuteFTP), IE FTP Browser etc except through this software.

We currently have to connect this PC to the internet through Dial-Up in order for the courier software to communicate with their server. I have contacted the company who advised that it uses standard FTP settings and that it 'should' work. There are no settings in the software at all! (Thanks for your help!) Anyway...

Is there a way to force FTP traffic or requests through a proxy server?

The Client has dynamically assigned IP settings.

Gateway: 10.10.0.15
Proxy:      10.10.0.14 Port: 8080

I was thinking along the lines of forwarding all FTP traffic from that PC to a port on the ISA Server that then forwards that traffic back to port 21 on the Proxy Server... that's me thinking out load...

Any assistance would be greatly appreciated
0
Comment
Question by:Fernando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 2

Accepted Solution

by:
TeeSeePeeEyePee earned 250 total points
ID: 12177158
One simple answer - could you leave this computer out of the ISA proxy and firewall group and have it hit your Internet gateway directly?  That should do it.

Another possible solution would be to add the target address to the exceptions list in "do not use a proxy for the following domains" under the Advanced tab in the Proxy section of your Internet "Connection" settings.
0
 

Assisted Solution

by:khozemah
khozemah earned 250 total points
ID: 12180273
If your ISA server is in integrated mode than do the following:

On ISA server create a Client address set and include this machine as the member of this group.

Create a Site and content rule and allow all for this client address et.

Create a Protocol rule and allow all for this client address set.

Disable the HTTP redirector on the ISA server so that the SNAT clients does not go thro the web-proxy. Only downsize in this is that all the firewall clients as well as SNAT clients will not be able to use the caching feature of ISA.



0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 12182969
I'm assuming that you do have network knowledge. It seem to me that this might be some problem related with either passive or active ftp. See the link bellow about what the differences are and how to make the configurations on ISA Server (you do know how to open/close ports in isa server, right?).

So the link is http://slacksite.com/other/ftp.html 

Cheers.
0
 
LVL 6

Expert Comment

by:SlyDog
ID: 12197209
You don't need the proxy client to go through ISA if the ISA IP is your gateway. The only time you use proxy client is if your gateway, and the IP to get to the internet are different.
Set the gateway on the FTP box to the internal IP of you ISA server. If you have FTP outbound enabled, it should work.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Solar Winds can't see SQL Server Express 17 54
Windows ADHow to restrict port 6881 bit Torrent 3 21
SSL-VPN 1 51
Problems with VPN 4 26
Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question