none
FTPS?? ISA Server does not support outbound secure FTP connections RRS feed

  • Question

  • Dear all
    我想請問FTPS在isa2006的支援
     does not support outbound 是可以連線出去 還是只能架設?
    我設定access policy中直接設定 所有的輸出流量    內部 外部  所有使用者 
    客戶端也有安裝firewall clinet  可是在cuteftp錯誤
    STATUS:>   [2009/5/15 上午 11:52:07] Connecting to FTP server... xx.xx.xx.xx:900 (ip = xx.xx.xx.xx)...
    STATUS:>   [2009/5/15 上午 11:52:07] Socket connected. Waiting for welcome message...
    STATUS:>   [2009/5/15 上午 11:52:07] Connected. Exchanging encryption keys...
    ERROR:>    [2009/5/15 上午 11:52:07] SSL: Error in negotiating SSL connection.

    isa上面的log 直接監控連線IP
    出來的流量就直接 初始連線 關閉連線 也沒有錯誤
    我也有去定義FTPS 21 990 Data channel port range xxx~zzz
    請問是不是基本上就無法支援FTPS??
    謝謝




    根據KB
    http://technet.microsoft.com/en-us/library/bb794745.aspx
    內容

    ISA Server does not support outbound secure FTP connections

    Symptom: Clients require access to FTP servers over Secure FTP (FTPS).

    Issue: ISA Server does not support outbound FTP over SSL/TLS (FTPS) connections. FTPS uses an encrypted control channel. For standard FTP traffic, ISA Server uses the FTP filter to monitor FTP communication. Outbound Secure Sockets Layer (SSL) connections cannot be seen by ISA Server, and therefore ISA Server cannot adjust traffic policy in reaction to PASV and PORT FTP commands.

    Solution: Although there may be a workaround by installing Firewall Client software and creating a custom FTP protocol definition that is not bound to the FTP application filter, this is not supported.

    vendredi 15 mai 2009 04:16