Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
524
Views
0
Helpful
3
Replies

FTP through ISA server then through ASA to the internet

guibarati
Level 4
Level 4

‎10-30-2006 07:11 AM - edited ‎02-21-2020 01:16 AM

I'm having problems to configure a host in the internal network to access FTP servers outside the company, the topology is the following

[]--------------> []---------->[]-------->[]

Internal - ISA - ASA - FTP

I have configured the ISA as default gateway for the host, and trying to access with no Proxy setings, but after the authentication on the FTP server the connection is dropped.

I have configured the ISA to NAT and route the packts from this host, but still not working...

Any idea?

0 Helpful
3 Replies 3

m-haddad
Level 5
Level 5

‎10-30-2006 08:10 AM

Disable FTP inspection and try again. When the connection is dropped what is the error message?

Another advice to segement the problem is to put a machine between the ISA and the ASA (Behind the ASA directly) and try to FTP and see if it works. If yes then your porblem is on the ISA if not we have to keep troubleshooting on the ASA side.

Let me know if this helps,

(please rate if I was helpful)

Regards,

0 Helpful

mheusinger
Level 10
Level 10
In response to m-haddad

‎10-30-2006 08:30 AM

Hi,

also make sure the client is using passive FTP, because otherwise you need port forwarding or FTP inspection by both the ASA and the ISA server. If passive FTP is used (can be configured through Internet Explorer in a MS host) basic internet access with NAT should be sufficient. Is it possible from the client to ping the FTP server or any other host in the internet for that matter?

If not, the problem is not directly FTP related but rather a NAT problem - assuming a private IP on the client.

Regards, Martin

0 Helpful

guibarati
Level 4
Level 4
In response to mheusinger

‎11-10-2006 11:17 AM

Thank you for the reply. The problem was in the Microsoft ISA configuration, I have to configure "MS client firewall" in the host to allow it to access no HTTP traffic outside the ISA, and configure the ISA to allow it too.

regards.

0 Helpful
Review Cisco Networking for a $25 gift card
Top