Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cannot FTP out from PCs on network. Works ok from server

Posted on 2006-11-03
9
Medium Priority
?
201 Views
Last Modified: 2010-03-18
ftp works ok from the server but none of our pc's will connect to any connection at all. The error is 'connection refused'.

Server:
Windows 2003 SBS
IIS 6.0
ISA 3.0

The server is setup as a proxy.
Any ideas what i need to be looking at to fix the issue? Is there a rule i need to setup somewhere in IIS or ISA?

0
Comment
Question by:BigCap
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 3

Expert Comment

by:tray_jones
ID: 17868193
check ISA for a deny on Outbound  port 21
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17876073
Are you running the premium version of SBS with ISA?
If so, have you enabled a rule to let ftp go out? Needs to be from local host & internal to external

open the ISA gui, select monitoring - logging - click on start query.
Make an FTP attempt from a client, what do you see in the log?
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17891217
Hey Keith,

  Jump in http://www.experts-exchange.com/Networking/Q_22051939.html

Cheers,
Rajesh
0
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

 

Author Comment

by:BigCap
ID: 17948610
The option to add a new rule or edit an exisiting rule doesn't exist.
I have the following protocol definition setup:

Name                               Defined by            Port Number             Protocol Type                 Direction
FTP download only            ISA Server                  21                            TCP                       Outbound

I read somewhere that ISA is configured differently on server that only have one NIC and are sat behind a firewall.
Is it called cached mode or something like? Could this have any bearing?

I logged onto my hardware firewall (Sonicnet) and setup a rule to allow all LAN traffice FTP access to the WAN.
Still the same message!!  surely it's got to be ISA or my firewall causing the issue??
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 17950058
Sorry, missed the ISA comment in your first post. There is no such thing as ISA 3.0, it will be ISA2000, ISA2004 or the new ISA2006 but I don't think ISA2006 ships with SBS yet. if you only have a single nic in the box, then no, you cannot change the protocols as it is acting as a Proxy only, not a firewall.

The ftp rule you have for port 21 is for when you use a full blown ftp client. Have you tried ftp within the web browser? make sure the IE proxy settings - advanced have all the settings pointed to the same port number.

0
 

Author Comment

by:BigCap
ID: 18242182
Hi all,

Thanks for your advice with this problem. I managed to get it sorted in the end.
It was down to our firewall (sonicwall TZ170SP) blocking the ftp traffic.

Basically the TZ170SP as default only allows 10 connections. Our web traffic is directed via a proxy server which would only mean it uses one of the connections but ftp traffic goes out directly and uses one of the remaining 9 connections.

The sessions should be released after use but the firewall wasn't doing it's job and was seeing all 10 concurrent connection in use and therefore preventing any further outbound connections.  A hard reset fixed the problem.
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18660156
<<Have you tried ftp within the web browser? make sure the IE proxy settings - advanced have all the settings pointed to the same port number.>>

FTP through the web browser and with its proxy settings set cannot go direct to the firewall by definition but the important bit is that its working but yeah, PAQ it.
0
 
LVL 1

Accepted Solution

by:
kodiakbear earned 0 total points
ID: 18694110
Closed, 200 points refunded.
kb
Experts Exchange Moderator
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Resolve DNS query failed errors for Exchange
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question