[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 608
  • Last Modified:

FTP server behind the Windows sbs 2003 server

Hello there well we based in London, I have Windows 2003 SBS server with two LAN card one for local and one for Internet and SBS  is running as DHCP, Exchange, IIS, SharePoint and some network shared software like filemaker pro and 20 local users, I have 5 static IPs one is reserved for SBS 2003 because of exchange and one for Polycom video intercom system and other three are spare, I have just buy a QNAP TS-409 Turbo Pro NAS device for file sharing, we have lot of network shared files for our local and remote users, I have already  join QNAP NAS to AD for the users authentications and configured VPN on SBS 2003 for some other applications. At the moment my remote users of USA and France they are using VPN connection to access network shared file on the QNAP NAS my problem is I dont wana allow VPN connection to the remote user of USA and France just for network shared files and folder and that why i buy QNAP TS-409 Turbo Pro because it has DDNS, FTP and remote access features but now I am totally confused that how to configure QNAP as a FTP server behind the windows SBS 2003 Server. All my local users has DHCP IP but i configured QNAP NAS with local LAN static IP, my local network is 10.0.3.0 / 255.0.0.0  SBS Server has two NIC one is 62.xx.xx.xx for ISP and other NIC is 10.0.3.202 for my local area and QNAP NAS has 10.0.3.200 / 255.0.0.0
Plz help me to solve out this issue bye.....
0
bajwha007
Asked:
bajwha007
  • 4
  • 3
  • 2
1 Solution
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
If you had ISA installed and configured, you could set up some publishing rules for the external users to access the box via FTP.

Having the usernames and passwords for the FTP box synchronized with Active Directory is not a good idea due to the fact that FTP transmits authentication requests in clear text. If the user accounts are completely restricted, then you are okay ... almost.

Philip
0
 
bajwha007Author Commented:
no i don't have ISA
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
Then you need an intelligent gateway that can route traffic based on the IP it is coming in on as well as the protocol being used.

RRAS cannot do that out of the box on its own.

Philip
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
bajwha007Author Commented:
gateway like what can u plz explain it in detail
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
You need a gateway that has the ability to route traffic from the Internet based on the IP address the traffic comes in on and the protocol being requested.
The gateway will need to be able to bind more than 1 IP address to the WAN link.
It will need to be able to support directing HTTP traffic based on host header.

Essentially what ISA is capable of doing.

Philip
0
 
John-M-PCommented:
A quick look at the QNAP TS-409 Turbo Pro specs indicates that it is also a file server. You can configure IIS on theSBS to run a FTP site with a public IP address, and point to the files on the NAS.
0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
FTP services on the Primary DC is not a good security practice.

Philip
0
 
bajwha007Author Commented:
Dear John call u plz tell me step by step how to configure IIS on theSBS to run a FTP site with a public IP address and point to the files on the NAS.
0
 
John-M-PCommented:

Start-> Control Pannel-> Add or Remove Programs
Add/Remove Windows Components
Expand Application Server
Expand Internet Information Services
Select File transfer Protocol (FTP) Service
Click OK.  Click OK. Click Next .Click Finish.
Start->All Programs->Administrative Tools->Internet Information Services (IIS) Manager
Expand your server.
Right Click on FTP Sites. . . Select New . . . FTP Site
Click Next
Enter a descriptive name (NAS-FTP). Click Next
Enter the PUBLIC IP Address. Click Next
Click Next
For the path of the home directory, enter: \\10.0.3.200\ SHARENAME Click Next
Click Next
Select the appropriate pemissions. Click Next. Click Finish.
As stated above, this is not the best practice, but without spending $ to upgrade to SBS Premium,or to puchase a dedicated, enterprise grade firewall, this will meet your needs. I would set up dedicated FTP accounts for the users to use since FTP passwords are sent in cleartext.

0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now