Solved

ISA 2004, FTP and IGMP

Posted on 2008-10-06
6
607 Views
Last Modified: 2011-09-20
Hi,

I want to publish an FTP server using IIs 6.0 under Microsoft Small Business Premium 2003. Ive used the Create New Server Publishing rule to allow inbound access and have created a separate rule in ISA to allow outbound access. Ive created and published FTP site in IIS.

If I try and connect using Windows Explorer from a client outside the network, the site looks as if it will open then I get the error  Windows can't access this folder the name maybe incorrect or you don't have permission to access the folder.  Access from within the firewall works fine.

Looking at the ISA log, the only culprit I can see is Unidentified IP Traffic (TCP;21). ISA denies this entry a connection.

Does anyone have any idea what is going wrong? This is driving me bonkers.

Thanks

Karl
0
Comment
Question by:kwinsw
  • 3
  • 3
6 Comments
 
LVL 11

Expert Comment

by:EricTViking
ID: 22657389
On your publishing rule are you allowing incoming TCP on port 21?
0
 

Author Comment

by:kwinsw
ID: 22657729
Yup, my publishing rule allows ftp traffic on port 21 from anywhere to the IP address of my server. I also have an outbound access rule that allows outbound access over port 21.
0
 
LVL 11

Expert Comment

by:EricTViking
ID: 22658464
Can you try accessing your FTP server from the internet using an FTP client such as CuteFTP? Try it both using Acitve and PASV FTP Modes. This will rule out any issues with Windows Explorer FTP (which can sometimes be problematic).

Another thought is try changing the 'Anywhere' in your FTP rule to 'External'.
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:kwinsw
ID: 22659087
Hi Eric,

Tried both suggestions with no joy. CuteFTP gives me the following message in active and passive modes:

STATUS:>        [07/10/2008 14:15:42] Getting listing ""...
STATUS:>        [07/10/2008 14:15:42] Connecting to FTP server... xx.xx.xx.xxx:21 (ip = xx.xx.xx.xxx)...
STATUS:>        [07/10/2008 14:15:42] Socket connected. Waiting for welcome message...
ERROR:>         [07/10/2008 14:16:03] Can't read from control socket. Socket error = #10054.

Port 21 is open for in and outbound traffic, so i'm not sure why it's doing this.

Thanks

Karl
0
 
LVL 11

Accepted Solution

by:
EricTViking earned 500 total points
ID: 22663388
Presumably you're using some sort of modem/router? Do you have port 21 inbound open on the router?
0
 

Author Closing Comment

by:kwinsw
ID: 31503678
Hi Eric,

Doh, that was it, or partly it. I have my router's firewall on the "medium" setting, which I thought allowed FTP Server by default, it didn't. I then had to point my server publishing rule to my server's external IP address (I'd pointed it to the internal one as part of my troubleshooting after reading in an article elsewhere that this was the right thing to do). Once I'd done these two things, it worked fine.

In the long term, I'd rather get my ftp off the domain server. At the moment, though, I don't have another machine which is always on, on which I can install a secure FTP server - so this is great.

Thank you for all your help.

Karl
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Adware on IIS hosted asp.net website 1 27
SBS 2011 Ran SharePoint Config Wizard and Exchange ActiveSync failed. 5 34
IPV6 Issues 3 28
2008 SBS renaming user accounts? 3 40
Because virtualization becomes more and more common, and, with Microsoft Hyper-V included in Windows Server at no additional costs, and, most server hardware nowadays is more than capable of running a physical Small Business Server (SBS) 2008 or 201…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now