Hi, I need to open access to FTP port 21 and HTTP port 80 for passive updates of my Kaspersky anti virus I also want to open port 8334 to access my remote mail servers control panel, I found a Java script which will open specified ports but this seems a liitle crude.

 

Is it possible to open these ports only to specific IP addresses within the network and is this on demand access or are they open all the time?

 

I promise to take out the Platinum subscription next week so I can read all the articals but I need the answer ASAP and the bank account is empty.

 

I'll probably take a couple of hours of your time for a quick remote health check as well, as this is my first SBS install and would like to know it went well.

Sorry ISA 2004 new install on SBS sp1

Hi Martyn,

 

You will need to enable the FTP out rule in ISA, Firewall rules. You certainly don't need port 80 inbound.

Hi, I created a new rule last night and this cured the proble but when I look at the default rule created by SBS this seems to have the same settings and dosn't work.

 

Is there a way to print of a copy of all the rules and compare their properties, I seem to be haveing the same problem with the NTP port for time syncing, the rule is there by default and active but the NTP access is denied in the live logging.

 

Can I allow access from one IP for these rules and is it a good idea?

Hi Martyn,

did you try to activate (!!) the standard rules which were already there when you installed ISA? 

By default, i.e. FTP out is disabled. You habe to right click the rule and activate it.

 

Mirko

Hi, I had to reinstall ISA 2004 because it locked up everything from internet access to internal access from the computer to the server.

 

I've left the rules as per default after running the CEICW wizard and when I go to the FTP rule it has a small icon of a key and if I right click it I get the option to disable the rule which to me implies that it is already activated by the wizard but there is now additional Activate option.

FTP download or upload does not work through ISA 2004:
http://www.smallbizserver.net/Articles/tabid/266/articleType/ArticleView/articleId/102/Default.aspx

Fantastic, I followed this guide with the exception that I created a copy of the FTP Out Protocol instead of the Internet Access Rule and just opened FTP to the one server I needed access for.

I have followed the instructions to uncheck Read only. (Tried to attach image file of screen but it is too large.) I have hit okay, applied changes, waited over 30 minutes for changes to take affect, I have restarted the ISA service and users cannot ftp.

 

SBS 2003 Premium, ISA 2004, ISA Clients are installed and are automatically discovering the ISA server just fine, all other browsing works fine. I can ftp from the server. Port 21 is open on the router. When I check live logging SBS Internet Access Rule still blocks the ftp GET request.

Kevin,

 

If you save the file as a png file it will probably attach just fine. Can you tell me what you see when it does not work...or if the screenshot attached I can it there :-)

The two png image files I'm trying to attach are 74kb and 21kb but it still gives me an error that they are over 100kb.

 

The error I get from a workstation is a Network Access Message, 502 error.

Did you check the FTP rule in ISA also?

Kevin,

 

From where do you try to connect to that ftp site? Is that from a workstation and does that workstation has the Firewall client installed? What is the address of the ftp site you want to connect to?

Kevin,

 

What ftp client do you use?

Kevin,

 

Just to be sure can you download a trial from ipSwitch and see if that works? Or CuteFTP if you want. I never liked IE for FTP...