What about moving the software right on the isa box.
I did find this article with ServU behind ISA and ssl/tls sessions. Looks pretty comprehensive. (this is for hosting which I don't think is what you are doing but may shed light) http://www.redline-software.com/eng/support/articles/isaserver/config/publis hing_secure_ftp_servers_behind_isa_firewalls.php Just for fun sake, I did this once. I have one isa client that runs some funky app that uses all kind of ports. I couldn't get it just right, so I created a rule for 1-65000 to/from the 4 IP's their vendor used to run the app. Well this worked and although is somewhat a security hole I never could nail the ports down. It was for outbound anyway so go figure. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, March 06, 2008 10:31 PM To: NT System Admin Issues Subject: ISA 2004 FTPS Oh you who know ISA.. I have a client that has SBS 2003 with ISA 2004 fully updated/patched. Dual Nics on server, clients have updated ISA client installed. New billing company for medical practice and they installed Filezilla to transfer the sheets via FTPS. Initially it was sporadic until I configured active ftp and specified our external IP in Filezilla. Communications were perfect for quite awhile. Now they have stopped, and in troubleshooting they apparently changed their end to require explicit TLS for the SFTP connection a modified the client Filezilla client to match. Communications stopped. They are unwilling to go back to the old method due to TLS FTPS, be a "more secure" SFTP method to comply with HIPAA. I realize that MS does not support either explicit or implicit TLS for SFTP and at this moment I have no workarounds other than breaking them a machine off the network and assigning it a second Public IP. Anyone have a workaround/hack that I can try? Thanks Greg From: Barsodi.John [mailto:[EMAIL PROTECTED] Sent: Thursday, March 06, 2008 8:27 PM To: NT System Admin Issues Subject: RE: Smart Phone Agreed. Too much marketing hype and trend factor there - though such is any Apple product. From: Joe Heaton [mailto:[EMAIL PROTECTED] Sent: Thursday, March 06, 2008 2:45 PM To: NT System Admin Issues Subject: RE: Smart Phone I dunno, I just can't get behind the iPhone. Just seems to be a lot of flash....maybe I'm just getting old. Joe Heaton _____ From: Eric E Eskam [mailto:[EMAIL PROTECTED] Sent: Thursday, March 06, 2008 2:12 PM To: NT System Admin Issues Subject: RE: Smart Phone I think Active Sync support for the iPhone in June my sway things a little. But just a little ;) Eric Eskam =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= The contents of this message are mine personally and do not reflect any position of the U.S. Government "The human mind treats a new idea the same way the body treats a strange protein; it rejects it." - P. B. Medawar From: "Joe Heaton" <[EMAIL PROTECTED]> To: "NT System Admin Issues" <[email protected]> Date: 03/06/2008 05:00 PM Subject: RE: Smart Phone _____ Treos and HTC devices seem to be the overwhelming favorites at the moment. Joe Heaton _____ From: Joseph L. Casale [ <mailto:[EMAIL PROTECTED]> mailto:[EMAIL PROTECTED] Sent: Thursday, March 06, 2008 12:35 PM To: NT System Admin Issues Subject: Smart Phone Anything new in the smartphone with Activesync arena? Salesman needs a new gadget and I haven't followed the scene in ages. What are you guys using with Mobile OS 6 that's stable and workin well? Thanks, jlc ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
