?
Solved

Force FTP through ISA

Posted on 2004-09-28
5
Medium Priority
?
496 Views
Last Modified: 2013-11-29
Hi There,

This one will be complex to explain so I will do my best.

Currently we have a Proxy Server enabled on MS ISA Server. Everything works fine including FTP when the Firewall Client is installed if FTP access is required. However, we have an application provided by our Courier company which uses FTP to send end-of-day transactions. This is installed on one PC only. FTP works fine through FTP client software (eg; CuteFTP), IE FTP Browser etc except through this software.

We currently have to connect this PC to the internet through Dial-Up in order for the courier software to communicate with their server. I have contacted the company who advised that it uses standard FTP settings and that it 'should' work. There are no settings in the software at all! (Thanks for your help!) Anyway...

Is there a way to force FTP traffic or requests through a proxy server?

The Client has dynamically assigned IP settings.

Gateway: 10.10.0.15
Proxy:      10.10.0.14 Port: 8080

I was thinking along the lines of forwarding all FTP traffic from that PC to a port on the ISA Server that then forwards that traffic back to port 21 on the Proxy Server... that's me thinking out load...

Any assistance would be greatly appreciated
0
Comment
Question by:Fernando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 2

Accepted Solution

by:
TeeSeePeeEyePee earned 750 total points
ID: 12177158
One simple answer - could you leave this computer out of the ISA proxy and firewall group and have it hit your Internet gateway directly?  That should do it.

Another possible solution would be to add the target address to the exceptions list in "do not use a proxy for the following domains" under the Advanced tab in the Proxy section of your Internet "Connection" settings.
0
 

Assisted Solution

by:khozemah
khozemah earned 750 total points
ID: 12180273
If your ISA server is in integrated mode than do the following:

On ISA server create a Client address set and include this machine as the member of this group.

Create a Site and content rule and allow all for this client address et.

Create a Protocol rule and allow all for this client address set.

Disable the HTTP redirector on the ISA server so that the SNAT clients does not go thro the web-proxy. Only downsize in this is that all the firewall clients as well as SNAT clients will not be able to use the caching feature of ISA.



0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 12182969
I'm assuming that you do have network knowledge. It seem to me that this might be some problem related with either passive or active ftp. See the link bellow about what the differences are and how to make the configurations on ISA Server (you do know how to open/close ports in isa server, right?).

So the link is http://slacksite.com/other/ftp.html 

Cheers.
0
 
LVL 6

Expert Comment

by:SlyDog
ID: 12197209
You don't need the proxy client to go through ISA if the ISA IP is your gateway. The only time you use proxy client is if your gateway, and the IP to get to the internet are different.
Set the gateway on the FTP box to the internal IP of you ISA server. If you have FTP outbound enabled, it should work.
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month9 days, 2 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question