SmartFTP working with MS ISA Server 2006

Good evening. I am evaluating several FTP client programs before deciding on and purchasing one for our users but I have issues getting some of them to work. One of the programs that I am evaluating is SmartFTP.

(Network overview): I have a network with ISA Server 2006 with SP1 installed and functioning as a proxy (firewall) server. I have the Microsoft Firewall Client installed on the workstation. I am trying to configure the FTP client to work with Microsoft ISA Server 2006 but can’t seem to get the correct settings for it to function properly. If I use Internet Explorer, Firefox, etc. to connect to an FTP site with proxy settings, everything works fine. If I use the FTP program to connect to an FTP site without any proxy firewall settings configured within the program itself, it also works fine. But If I configure the FTP client program to use proxy settings (I’ve tried several different ways), it doesn’t work. Depending on the settings that I use in the FTP client program, I receive one of the following error messages:
– “HTTP/1.1 502 Proxy Error (The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests.)”
– (All directories appear as 0 length byte files, I receive the error) “Control connection closed.”
– (when using SOCKS4, I receive the error:) “Socks server reports: 'General socks failure'.”
– (or the FTP program asks me to authenticate to the proxy and using user, domain\user or user@domain doesn’t work)

Is there anyone that can provide me with the correct settings needed in the FTP client program so that it works with MS ISA Server 2006?

Thanks in advance for any assistance,

There are two ways:
A) Configure your ISA server to support SOCKS4A. Then go to the proxy settings in the favorite properties (Connection->Proxy) dialog and set the proxy to SOCKS4A.

B) Firewall Client
1. Install the Firewall Client on the workstation or run it as a SecureNAT Client
2. Create the proper Access Rule for outbound FTP or add the FTP Protocol to a valid existing Rule
3. Configure the FTP Protocol in the Access Rule to *not* be Read-Only if you expect to do uploads/deletes.
4. Run SmartFTP and use a no proxy (default) or set the proxy to none



It works great - thank you. I had tried this setting previously and it seemed to work but when I used ISA to try and monitor the connection it didn't show any traffic between the client and the destination (in ISA under Monitoring - Logging). But if I adjust the rules to block FTP it doesn't allow the connection and if I allow the FTP traffic it works (so it is passing through ISA). Since I didn't see any traffic before while using ISA for monitoring I assumed that it wasn't working.

Just out of curiousity - Do you know if it is possible in ISA to monitor the traffic that is using SOCKS (the configuration that is set up following your instructions)?

Thank you very much for your help,