Solved

Force FTP through ISA

Posted on 2004-09-28
5
481 Views
Last Modified: 2013-11-29
Hi There,

This one will be complex to explain so I will do my best.

Currently we have a Proxy Server enabled on MS ISA Server. Everything works fine including FTP when the Firewall Client is installed if FTP access is required. However, we have an application provided by our Courier company which uses FTP to send end-of-day transactions. This is installed on one PC only. FTP works fine through FTP client software (eg; CuteFTP), IE FTP Browser etc except through this software.

We currently have to connect this PC to the internet through Dial-Up in order for the courier software to communicate with their server. I have contacted the company who advised that it uses standard FTP settings and that it 'should' work. There are no settings in the software at all! (Thanks for your help!) Anyway...

Is there a way to force FTP traffic or requests through a proxy server?

The Client has dynamically assigned IP settings.

Gateway: 10.10.0.15
Proxy:      10.10.0.14 Port: 8080

I was thinking along the lines of forwarding all FTP traffic from that PC to a port on the ISA Server that then forwards that traffic back to port 21 on the Proxy Server... that's me thinking out load...

Any assistance would be greatly appreciated
0
Comment
Question by:Fernando
5 Comments
 
LVL 2

Accepted Solution

by:
TeeSeePeeEyePee earned 250 total points
ID: 12177158
One simple answer - could you leave this computer out of the ISA proxy and firewall group and have it hit your Internet gateway directly?  That should do it.

Another possible solution would be to add the target address to the exceptions list in "do not use a proxy for the following domains" under the Advanced tab in the Proxy section of your Internet "Connection" settings.
0
 

Assisted Solution

by:khozemah
khozemah earned 250 total points
ID: 12180273
If your ISA server is in integrated mode than do the following:

On ISA server create a Client address set and include this machine as the member of this group.

Create a Site and content rule and allow all for this client address et.

Create a Protocol rule and allow all for this client address set.

Disable the HTTP redirector on the ISA server so that the SNAT clients does not go thro the web-proxy. Only downsize in this is that all the firewall clients as well as SNAT clients will not be able to use the caching feature of ISA.



0
 
LVL 11

Expert Comment

by:rafael_acc
ID: 12182969
I'm assuming that you do have network knowledge. It seem to me that this might be some problem related with either passive or active ftp. See the link bellow about what the differences are and how to make the configurations on ISA Server (you do know how to open/close ports in isa server, right?).

So the link is http://slacksite.com/other/ftp.html 

Cheers.
0
 
LVL 6

Expert Comment

by:SlyDog
ID: 12197209
You don't need the proxy client to go through ISA if the ISA IP is your gateway. The only time you use proxy client is if your gateway, and the IP to get to the internet are different.
Set the gateway on the FTP box to the internal IP of you ISA server. If you have FTP outbound enabled, it should work.
0

Featured Post

New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco MRA Phones 4 63
ASE reports it as spam 2 93
Google Play app store not being blocked from smartphones 4 30
Is WiFi half-duplex or Full -duplex 4 31
Meet the world's only “Transparent Cloud™” from Superb Internet Corporation. Now, you can experience firsthand a cloud platform that consistently outperforms Amazon Web Services (AWS), IBM’s Softlayer, and Microsoft’s Azure when it comes to CPU and …
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

929 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now