[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

ISA 2004, FTP and IGMP

Posted on 2008-10-06
6
Medium Priority
?
661 Views
Last Modified: 2011-09-20
Hi,

I want to publish an FTP server using IIs 6.0 under Microsoft Small Business Premium 2003. Ive used the Create New Server Publishing rule to allow inbound access and have created a separate rule in ISA to allow outbound access. Ive created and published FTP site in IIS.

If I try and connect using Windows Explorer from a client outside the network, the site looks as if it will open then I get the error  Windows can't access this folder the name maybe incorrect or you don't have permission to access the folder.  Access from within the firewall works fine.

Looking at the ISA log, the only culprit I can see is Unidentified IP Traffic (TCP;21). ISA denies this entry a connection.

Does anyone have any idea what is going wrong? This is driving me bonkers.

Thanks

Karl
0
Comment
Question by:kwinsw
  • 3
  • 3
6 Comments
 
LVL 11

Expert Comment

by:EricTViking
ID: 22657389
On your publishing rule are you allowing incoming TCP on port 21?
0
 

Author Comment

by:kwinsw
ID: 22657729
Yup, my publishing rule allows ftp traffic on port 21 from anywhere to the IP address of my server. I also have an outbound access rule that allows outbound access over port 21.
0
 
LVL 11

Expert Comment

by:EricTViking
ID: 22658464
Can you try accessing your FTP server from the internet using an FTP client such as CuteFTP? Try it both using Acitve and PASV FTP Modes. This will rule out any issues with Windows Explorer FTP (which can sometimes be problematic).

Another thought is try changing the 'Anywhere' in your FTP rule to 'External'.
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 

Author Comment

by:kwinsw
ID: 22659087
Hi Eric,

Tried both suggestions with no joy. CuteFTP gives me the following message in active and passive modes:

STATUS:>        [07/10/2008 14:15:42] Getting listing ""...
STATUS:>        [07/10/2008 14:15:42] Connecting to FTP server... xx.xx.xx.xxx:21 (ip = xx.xx.xx.xxx)...
STATUS:>        [07/10/2008 14:15:42] Socket connected. Waiting for welcome message...
ERROR:>         [07/10/2008 14:16:03] Can't read from control socket. Socket error = #10054.

Port 21 is open for in and outbound traffic, so i'm not sure why it's doing this.

Thanks

Karl
0
 
LVL 11

Accepted Solution

by:
EricTViking earned 2000 total points
ID: 22663388
Presumably you're using some sort of modem/router? Do you have port 21 inbound open on the router?
0
 

Author Closing Comment

by:kwinsw
ID: 31503678
Hi Eric,

Doh, that was it, or partly it. I have my router's firewall on the "medium" setting, which I thought allowed FTP Server by default, it didn't. I then had to point my server publishing rule to my server's external IP address (I'd pointed it to the internal one as part of my troubleshooting after reading in an article elsewhere that this was the right thing to do). Once I'd done these two things, it worked fine.

In the long term, I'd rather get my ftp off the domain server. At the moment, though, I don't have another machine which is always on, on which I can install a secure FTP server - so this is great.

Thank you for all your help.

Karl
0

Featured Post

Get quick recovery of individual SharePoint items

Free tool – Veeam Explorer for Microsoft SharePoint, enables fast, easy restores of SharePoint sites, documents, libraries and lists — all with no agents to manage and no additional licenses to buy.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
this video summaries big data hadoop online training demo (http://onlineitguru.com/big-data-hadoop-online-training-placement.html) , and covers basics in big data hadoop .
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question