Enabling User Isolation on IIS FTP site
We have a FTP site currently set to 'Do not isolate users' and 'FTP root folder'. This works nicely for most of our users however we want to add another user who needs to start in a specific sub directory.
I think this can be achieved using user isolation by setting a home directory in AD for all users as per here: http://www.iis.net/learn/publish/using-the-ftp-service/configuring-ftp-user-isolation-in-iis-7
However that would require setting it for all our other users and potentially disrupting them. Are there any other good approaches that i've missed?
Hi,
For the iis question, i would suggest you may ask in:
http://forums.iis.net/
Thanks for your understanding.
Regards.
Vivian Wang
Similar Messages
-
Hi,
My operating code DirectoryEntry ftpSvc = new DirectoryEntry ("IIS :/ / localhost / msftpsvc"); foreach (DirectoryEntry entry in ftpSvc.Childern) { ...},
in IIS6.0 work properly, but in IIS7.5 throws COMException exception under: The specified path cannot be found I installed all II 6 compatibility items, I have disabled user control authority, and tried "msftpsvc" also "FTPSVC" or "FTPSVC1"
. Nothing is working. It is working fine for W3svc and not for ftp sites alone
Can you please suggest a solution?Hi Santhoshkba86,
Actually this forum is to discuss the VS IDE, Since this thread is related to the IIS FTP site, like this thread:
http://social.msdn.microsoft.com/Forums/en-US/49703f19-8d27-4f90-9fb9-45905810d4b1/iis-ftp-site-creation-and-management-using-c?forum=csharpgeneral
I suggest you post this issue to the IIS forum:
http://forums.iis.net/default.aspx/41?IIS+7+and+Above, and there you would get dedicated support.
Best Regards,
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey. -
Setting up FTP on Domain Controller using User Isolation
Hi all,
Our FTP site is set on a domain controller (not best practice i know, but i wasn't involved in the implementation of it) However, it currently works with the "FTP Root Directory" option selected, however this is not very secure as everyone has access
to everything. I need to set it up so it uses "Username Directory" as this is a domain controller, and i want them to authenticate via AD User/Group. However when i select that option, i can't connect to the FTP site - Connection attempt failed with
"EAI_NONAME - Neither nodename nor servname provided, or not known". When i change it back to "FTP Root Directory" it connects fine.
Basic Authentication is Enabled and Anonymous Authentication is disabled.
Virtual Directory option is selected under directory listing options.
Our FTP folder structure is E:\FTPRoot it got moved to this drive as it's a bigger drive.
I've set up a Virtual Directory for the FTP site and for the individual folders.
I'm stuck on what else to try, any advice and guidance would be appreciated.Hi,
FTP setup is related to IIS so you could post the question to IIS forum instead.
http://forums.iis.net/
Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Win8 clients can't write over FTPS to Win 2012 with FTP site hosted in IIS 8
I've made an interesting discovery that is mentioned in part on other posts in other forums. This involves IIS; however, I believe the issue rests with the Windows Server 2012 OS.
Here's the scenario.
Client:
Windows 8
almost any FTP client
Server:
Windows Server 2012
FTP site hosted in IIS 8
Problem:
The client connects to the FTP site via FTPS (regular FTP works). The connection is successful, and the client is able to list the directories and download content. However, the client cannot upload anything to the FTP site.
Error: 550 The supplied message is incomplete. The signature was not verified.
Any of the following modifications to the scenario will allow the client to upload content:
changing the client OS to Windows 7
changing the server OS to Windows 2008 or 2008 R2 (IIS7+)
changing the FTP client to CoreFTP (I've tried FileZilla, the Microsoft FTP client, SmartFTP, and WinSCP)
I found this post regarding FileZilla that states there is an SSL cipher ordering issue with Windows Server 2012 and IIS8 for FTP clients using explicit TLS:http://trac.filezilla-project.org/ticket/7910
Their "solution" points to an MSDN blog post here:
http://blogs.msdn.com/b/kaushal/archive/2011/10/03/taming-the-beast-browser-exploit-against-ssl-tls.aspx
This states that you need to reorder the SSL ciphers with TLS_RSA_WITH_RC4_128_SHA as the highest priority; however, there is a limitation to the text file where you order the ciphers, 1023 characters, which is less than the total number of characters for
all ciphers. This means you must know which ciphers will be needed and in which order as to not break anything else. That's not a viable workaround.
Does anyone know if there is a patch coming down to fix this, or are there any more viable workarounds? One would think a Windows 8 client should be able to connect via FTP with explicit TLS to an FTP hosted in IIS8 on Windows Server 2012 to upload
content.Hi,
As the MSDN blog mentioned, that currently we can only workaround the issue with provided settings. As FTP settings are now included in IIS, it is still recommended to post to IIS forum to see if there
is any known suggestion regarding this.
http://forums.iis.net/
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forum a great place. -
I am setting up CPS. I am setting up users using the
file-bases selection. I have a connection between publishing server
and the website. When I go into the administrative tools in
Contribute and go to Publishing Server, and click the button to
Enable User Directory, I first receive a message that Local/Network
protocol cannot be used with both Windows and Macintosh computers.
Am I sure I want to enable it? I click Yes because we don't have
any Macintosh computers. Then i have a window to login using my
User Directory name and password. I have entered this the same way
it is entered in the User Directory. I check the "Trust the server"
box and click OK. I then receive a message that my user name and
password are incorrect. I've changed the password in the User
Directory in case it was typed wrong but still receive the same
thing. Can anyone tell me what the problem is? I believe I've set
everything up according to the documentation. Please help. We are
needing to get this site out asap. Thanks.Not entirely sure, but I've had it stop like that when it
tried to validate the FTP connection. We've had to add folks to our
FTP server in order to make it work. -
Transfer a file from App Server to a FTP site.
Hi, Abapers.
I need your help. Probably, this topic has already been posted in a similar way, but we need an answer to solve our problem.
We have to sent a PDF file from a directory of our app server (AIX) to a FTP directory... which would the FM sequence we should use to goal it?
Best Regards.Hi Santiago,
create fm to send file from APP server to FTP site.
if you want to Post file from desktop to Appl use Transaction - CG3Y
if you want to Post file from Appl to Desktop use Transaction - CG3Z
copy the code below....
* Author: Prabhudas Date: 02/21/2006 *
* Name: Z_FTP_FILE_TO_SERVER *
* Title: FTP File on R/3 Application Server to External Server *
*"*"Local Interface:
*" IMPORTING
*" REFERENCE(DEST_HOST) TYPE C
*" REFERENCE(DEST_USER) TYPE C
*" REFERENCE(DEST_PASSWORD) TYPE C
*" REFERENCE(DEST_PATH) TYPE C
*" REFERENCE(SOURCE_PATH) TYPE C
*" REFERENCE(FILE) TYPE C
*" REFERENCE(BINARY) TYPE CHAR1 OPTIONAL
*" REFERENCE(REMOVE_FILE) TYPE CHAR1 OPTIONAL
*" TABLES
*" FTP_SESSION STRUCTURE ZMSG_TEXT OPTIONAL
*" EXCEPTIONS
*" CANNOT_CONNECT
*" SOURCE_PATH_UNKNOWN
*" DEST_PATH_UNKNOWN
*" TRANSFER_FAILED
*" COMMAND_FAILED
DATA: w_password TYPE zftppassword,
w_length TYPE i,
w_key TYPE i VALUE 26101957,
w_handle TYPE i,
w_command(500) TYPE c.
REFRESH ftp_session.
* Scramble password (new Unicode-compliant routine)
w_length = STRLEN( dest_password ).
CALL FUNCTION 'HTTP_SCRAMBLE'
EXPORTING
SOURCE = dest_password
sourcelen = w_length
key = w_key
IMPORTING
destination = w_password.
* Connect to FTP destination (DEST_HOST)
CALL FUNCTION 'FTP_CONNECT'
EXPORTING
user = dest_user
password = w_password
host = dest_host
rfc_destination = 'SAPFTPA'
IMPORTING
handle = w_handle
EXCEPTIONS
not_connected = 1
OTHERS = 2.
IF sy-subrc <> 0.
MESSAGE ID sy-msgid TYPE sy-msgty NUMBER sy-msgno
WITH sy-msgv1 sy-msgv2 sy-msgv3 sy-msgv4
RAISING cannot_connect.
ENDIF.
* Optionally, specify binary file transfer
IF binary = 'X'.
w_command = 'bin'.
CALL FUNCTION 'FTP_COMMAND'
EXPORTING
handle = w_handle
command = w_command
TABLES
data = ftp_session
EXCEPTIONS
command_error = 1
tcpip_error = 2.
IF sy-subrc <> 0.
CONCATENATE 'FTP command failed:' w_command
INTO w_command SEPARATED BY space.
MESSAGE ID 'ZW' TYPE 'E' NUMBER '042'
WITH w_command
RAISING command_failed.
ENDIF.
ENDIF.
* Navigate to source directory
CONCATENATE 'lcd' source_path INTO w_command SEPARATED BY space.
CALL FUNCTION 'FTP_COMMAND'
EXPORTING
handle = w_handle
command = w_command
TABLES
data = ftp_session
EXCEPTIONS
command_error = 1
tcpip_error = 2.
IF sy-subrc <> 0.
CONCATENATE 'FTP command failed:' w_command
INTO w_command SEPARATED BY space.
MESSAGE ID 'ZW' TYPE 'E' NUMBER '042'
WITH w_command
RAISING source_path_unknown.
ENDIF.
* Navigate to destination directory
CONCATENATE 'cd' dest_path INTO w_command SEPARATED BY space.
CALL FUNCTION 'FTP_COMMAND'
EXPORTING
handle = w_handle
command = w_command
TABLES
data = ftp_session
EXCEPTIONS
command_error = 1
tcpip_error = 2.
IF sy-subrc <> 0.
CONCATENATE 'FTP command failed:' w_command
INTO w_command SEPARATED BY space.
MESSAGE ID 'ZW' TYPE 'E' NUMBER '042'
WITH w_command
RAISING dest_path_unknown.
ENDIF.
* Transfer file
CONCATENATE 'put' file INTO w_command SEPARATED BY space.
CALL FUNCTION 'FTP_COMMAND'
EXPORTING
handle = w_handle
command = w_command
TABLES
data = ftp_session
EXCEPTIONS
command_error = 1
tcpip_error = 2.
IF sy-subrc <> 0.
CONCATENATE 'FTP command failed:' w_command
INTO w_command SEPARATED BY space.
MESSAGE ID 'ZW' TYPE 'E' NUMBER '042'
WITH w_command
RAISING transfer_failed.
ENDIF.
* Disconnect from destination host
CALL FUNCTION 'FTP_DISCONNECT'
EXPORTING
handle = w_handle.
* Optionally, remove file from source directory
IF remove_file = 'X'.
CONCATENATE source_path '/' file INTO w_command.
CONCATENATE 'rm' w_command INTO w_command SEPARATED BY space.
OPEN DATASET '/dev/null' FOR OUTPUT FILTER w_command.
CLOSE DATASET '/dev/null'.
ENDIF.
Regards,
Prabhudas -
User Profile Service Application - My Site Suggestions Email Job
User Profile Service Application - My Site Suggestions Email Job is sending duplicate emails. It runs 15th of every month at 10 pm. On 15th July, it ran from 10 pm to 11 pm and sent two emails during this interval. Can anyone please let
me know what could be the possible reason behind this issue.
Thanks!Hi Mannnn,
Did you tried flushing timerservice? please flush timer service cache, restart IIS and then check.
Let me know if you want steps on flushing sharepoint timer service.
Viral Shah http://sharepointshah.blogspot.com -
Unable to access FTP Site via internet
Hello All,
Here is a problem that I'm facing accessing my home deployed FTP Server on Windows 2008 Server via internet. Below is the description of setup at my home.
1. I've a private network behind D-link DSL 2750U router.
2. I've forwarded Port 21 to my FTP Server in private network (FTP Server IP: 192.168.1.2)
3. FTP Site is deployed in IIS 7.5 with Anonymous access rights (so obviously no username and password is required to access it).
4. In IIS 7.5, FTP Site binding is set as "
5. I'm able to access my ftp site within private network (via command prompt and any browser).
6. I've registered a domain name ftp.tx-fr.tk for my FTP site so that I can use it from outside world and here are settings.
7. I'm able to ping this (ftp.tx-fr.tk ) domain name.
8. All firewalls are disabled for testing purpose (Will implement security later, once primary issue resolves).
Now here is the problem, whenever I type in ftp://ftp.tx-fr.tk in my browsers,
IE 9 and Chrome prompts for username and password, whereas Mozilla throws a message as "421 Login Incorrect".
Same happens when I use command prompt to access the FTP site using domain name.
Here is the funny part, when I'm prompted for username password, I typed in router's credentials (U:admin, P:admin) and I get
"Internet Explorer cannot display the webpage" in IE 9, "421 Login Incorrect" in Mozilla.
Whereas when CMD is used to access the site, I'm able to log in using router's credential but none of the command executes
Now is there anyone who can assist me resolving this case?
Kind regards,
AniruddhaI would have ask in IIS forums: http://forums.iis.net/
Thanks -
Unable to Enable User Profile Disks in RDP server 2012R2
I am setting up a new Windows server that will act as an RDP server. The server has been built with Windows Server 2012R2.
I have the following roles and services working on the server: RD Web Access, RD Gateway, RD Licencing (with 30 user cal licences), the RD Connection broker, and the RD session host.
I have a SSL certificate configured and installed on the site, and both external and internal DNS are configured and working.
I have created and published an application collection and this is working. That is, when you go to https://remote.<servername>.org you are presented with a log in screen, users can log in with their domain accounts and then can connect to the published
applications, this is working both on our internal network and from the general internet.
So all the roles on the server are working and the collection itself is also working. However, what I cannot do is set it up so that we can use user profile disks with that collection. When I go through the Session Collection Wizard and I get to "User
Profile Disks" I can click on "Enable user profile disks" and then you can enter the options below.
I am entering the share location under location \\<servername>\<sharename>
I am using the default "store all user settings and data on the user profile disk"
Then I go to create the profile disks and I get the following error:
"Could not create the template VHD. Error Message: -2147024809
This has happened multiple times, I have done the following:
- installed all windows updates and rebooted the server, same error
- checked the share permissions AND the folder permission for that share, for testing purposes I have set permissions on both the folder and the share to allow full control to "everyone" (I also tried it with only "domain users") but
same error message.
- I have checked to see that no quotas are imposed on the disk where I am attempting to create the profile disks - this was because this was the closest thing I could find on Technet was this post:
https://social.technet.microsoft.com/Forums/windowsserver/ru-RU/aec30527-d742-42b9-950e-85c709c4cb45/vdi-problem-creating-user-profile-disks?forum=winserverhyperv
And that was a quota issue that I am not having.
The UPD wizard says the following "the servers in the collection must have full control permission on the user profile disk share and the current user must be a member of the local Administrators group on that server"
Both of those things are true.
I have attempted to search for that specific error message (-2147024809) and have found nothing on Technet or any other site.
I am hoping someone here has some thoughts. Thanks in advance.I was looking at both the technet article for setting up UPD as well as this walk-through:
http://thewolfblog.com/2014/02/24/user-profile-disks-for-rds-2012-2012-r2/
The step after the creation of the disk in this walk-through is to look at who has permission on the .vhdx file, now obviously I am not at that step, but that is what led me down the trail of looking at user permissions, hence my attempts to set up shares
where 'everyone' has full permissions on both the share and the folder.
I have tried to set up multiple shares for the collection, I have tried on two different disks (volumes) on the RDP server itself, I also tried setting up a share on our fileserver (which has all kinds of shares working fine) and the same error occurred
in all cases.
I also found this Technet article:
https://social.technet.microsoft.com/Forums/windowsserver/en-US/d6469d31-6540-4075-a85f-a6e8f7c11e89/user-profile-disk-template-cannot-be-created-when-setting-up-session-collection?forum=winserverTS
So that seems close to what I am looking for, but I have checked and the exact group policy that was causing the above linked issue is not defined in our group policies, but maybe there are other group policies that are causing the issue? -
Connect to FTP site with Apache commons net FTP client through Proxy
Hello,
I am trying to run this simple code to connect to FTP site through a proxy.
import org.apache.commons.net.ftp.FTP;
import org.apache.commons.net.ftp.FTPClient;
public class MyTest {
public static void main(String[] args) {
String ftpHostName = "ftp.xxx.com";
int ftpPort = 21;
String ftpUserName = "myUserName";
String ftpPassword = "myPassword";
System.setProperty("socksProxyHost" ,"10.148.0.131");
System.setProperty("socksProxyPort", "1080");
FTPClient ftpClient = new FTPClient();
try {
System.out.println("connecting");
ftpClient.connect(ftpHostName, ftpPort);
System.out.println("connected");
System.out.println("loging in");
boolean successLogin = ftpClient.login(ftpUserName, ftpPassword);
if(successLogin)
System.out.println("success login");
else
System.out.println("fail login");
catch (Exception e) {
e.printStackTrace();
finally {
try {
System.out.println("loging out");
ftpClient.logout();
System.out.println("disconecting");
ftpClient.disconnect();
catch (Exception e) {
e.printStackTrace();
I am getting the following error:
C:\temp\ftp\test>java.exe -cp ./commons-net-ftp-2.0.jar;. MyTest connecting
java.net.SocketException: Malformed reply from SOCKS server
at java.net.SocksSocketImpl.readSocksReply(SocksSocketImpl.java:87)
at java.net.SocksSocketImpl.connectV4(SocksSocketImpl.java:265)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:437)
at java.net.Socket.connect(Socket.java:519)
at org.apache.commons.net.SocketClient.connect(SocketClient.java:176)
at MyTest.main(MyTest.java:23)
loging out
java.lang.NullPointerException
at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:471<ftp://FTP.java:471>)
at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:534<ftp://FTP.java:534>)
at org.apache.commons.net.ftp.FTP.sendCommand(FTP.java:583<ftp://FTP.java:583>)
at org.apache.commons.net.ftp.FTP.quit(FTP.java:794<ftp://FTP.java:794>)
at org.apache.commons.net.ftp.FTPClient.logout(FTPClient.java:697)
at MyTest.main(MyTest.java:39)
I am able to do this using a different FTP client library, ftp4j-1.5.1<ftp://ftp4j-1.5.1> using the following code:
import it.sauronsoftware.ftp4j.FTPClient;
import it.sauronsoftware.ftp4j.connectors.SOCKS4Connector;
public class MyTestFtp4J {
public static void main(String[] args) {
String ftpHostName = "ftp.xxx.com";
int ftpPort = 21;
String ftpUserName = "myUserName";
String ftpPassword = "myPassword";
FTPClient ftpClient = new FTPClient();
ftpClient.setConnector(new SOCKS4Connector("10.148.0.131", 1080));
try {
System.out.println("connecting");
ftpClient.connect(ftpHostName, ftpPort);
System.out.println("connected");
System.out.println("loging in");
ftpClient.login(ftpUserName, ftpPassword);
System.out.println("success login");
catch (Exception e) {
e.printStackTrace();
finally {
try {
System.out.println("disconecting");
ftpClient.disconnect(true);
catch (Exception e) {
e.printStackTrace();
So I know the proxy settings are correct.
The java version I used to compile and run my apps is 1.6.0_06 Does anyone can help figure out what is wrong when I use the Apache commons net FTP client?
Thank you
JonIs the old AirPort Extreme base station (AEBS)
configured so that the option to distribute IP
addresses is DISABLED? If so, configure the new AEBS
to act as a bridge.
Are you suggesting I use a set-up with TWO AEBSs? Set up a bridge (not sure how) and then use the old AEBS to connect to the DSL modem and broadcast to the new Extreme which will then be the router to the other computers on the network?
Do you have any port mapping or default host enabled
on the old AEBS?
I do not understand, not do I see these options in the Base Station utitlity; perhaps they are in the FTP options--but that, I'm sorry to say, is not obvious to my inspection.
Duane, can you give me a few more basic instructions? Thanks
iMac 17 -
How do I set a user to access with ftp to his/her website folder ?
I am new to MacOSX
I come from Linux Server administrated with Virtualmin
I was able to setup with SLP 10.6.8
Now everything works but ftp ...
I want to do this:
1) web site domain1 = OK
2) mail user@domain1 = OK
3) mysql access user(domain1) = OK
---> 4) ftp user(domain1) = home web site domain1 = NOT OK ! <---
How to tell server to let user(domain1) access throught ftp and jump into his/her home site folder ?
This is necessary for me to grant access to his/her site home and upload, modify stuffs etc ...
Also I am using cms like Drupal, Wordpress and so on that can upload and install upgrades via web admin panel and with MacOSX isn't working !
Gimme some hints please Server Admin is too poor and I had to manually add user and link to relative services ... now i am stuck on ftp ...It is in the process of being disabled. It will likely be some time next week before the code will be reverted.
-
Hello. I have to figure out a way to allow ipad users to open a specific ftp folder from our ftp site on their ipads. so far when i attempt to open the ftp url safari tells me i have no permission. if i try it at my computer it works properly and prompts me for a password. the only option i have found is to give these people access to the whole ftp site via one of the many ftp apps out there. the problem with that is they may end up deleting something they shouldnt or seeing something they are not supposed to have access to.
ftp://[email protected]/CEB%20Joint%20meeting%20October%2017 is the urlTry to reset it by holding the power and home buttons at the same time until you see the Apple logo, then release.
-
Hi,
I am currently having issues with deleting a content database for mysites which has web application http://<servername>:11100. The database was migrated from sharepoint 2010, but on creating web app it timed out (was corrupt due to this). Problem
is I cannot delete now as I get "Request Timed Out". Even when I try just deleting the Web App or the Content Database individually. I have already updated the timeout on the Central Admin App Pool to 300. This used to work, but no joy now. Seems
like ever since I added this My Sites Web App I am getting this problem.
The setup is 1 Database Server (64GB), 1 Admin Server (24GB) and 3 WFE Servers (12GB each) - all VMS. System is also running PowerPivot. Central Admin is running on a WFE server. Is this setup OK for just one user? Reason I have 3 WFE is this already existed
and App Servers will be scaled out when we start testing. Running 11 Web Applications.
Help appreciated - any ideas?
Thanks.
John.
OH - I tried to delete with powershell and it tells me it requires SHarePoint Administration Service to be running, but the problem is it is already running on the WFE with Central Admin on.Hi John,
The timeout may cause this issue. But would you let me know the error message when we delete the database?
However, you can delete the web application(my site host) and click delete database and IIS web site option.
Also, you can try to clean cache and check if issue persists:
Please stop SharePoint Timer Service.
Please navigate to the cache.ini file location:
Delete all the .xml file and only leave cache.ini in the file location.
Edit the Cache.ini file and set it to 1.
Save the Cache.ini file
Start SharePoint Timer Service. The cache file will be created autumnally.
Any questions, please let me know.
Best Regards,
Dats Luo -
IWeb FTP sites from Power Mac to MackBook Pro
How do I move Powe Mac/iWeb 9 FTP sites to a MacBook Pro/iWeb 11?
You might have a MacBook Pro, but it does not have iWeb 11 - that does not exist. It has iLife 11 installed, but you still have iWeb 09, which is still part of the iLife 11 boxed set.
To move your sites, you need to move your domain.sites files and transfer these from your old Power Mac to your new Mac. These are located under User/Library/Application Support/iWeb/domain.sites. Make sure that you do in fact look under your User Library and NOT your System Library, as iWeb is not there. -
I thought I would run this by the forum in case there is someone out there who experienced the same issue. I have users behind an ASA5520 firewall running 8.x code who are unable to access a particular ftp site through a web browser or an ftp client such as FileZilla. Keep in mind that other ftp sites are accessible. I was notified of this as it worked in the morning of a particular day and then stopped working in the afternoon on the same day. Accessing the site from our guest network(different firewall) is possible. The SysAdmin insists it is a firewall issue. I have run the packet tracer on the firewall and the traffic is allowed. FTP inspection is configured. I get the same results when I try to access with IE or Firefox. Anyways, I thought I would post the questions to see if anyone has seen something like this before. If anyone is interested, the site is ftp://authordev.healthstream.com. TIA for any help or advice.
Hi,
You could always take a packet capture on the firewall and/or on the actual host to see where the communication stops.
You could for example configure the ASA to capture the traffic between the client and the server.
Example configuration could be
access-list FTP-CAP permit ip host host
access-list FTP-CAP permit ip host host
capture FTP-CAP type raw-data access-list FTP-CAP interface buffer 10000000
You could naturally also capture the traffic on the internal side of the firewall if you want to compare the 2 captures on both sides of the firewall
access-list FTP-CAP-INTERNAL permit ip host host
access-list FTP-CAP-INTERNAL permit ip host host
capture FTP-CAP-INTERNAL type raw-data access-list FTP-CAP-INTERNAL interface buffer 10000000
You can then use the following command to confirm if traffic is captured
show capture
You can use the following command to show the capture on the CLI
show capture FTP-CAP
show capture FTP-CAP-INTERNAL
I would suggest copying the actual captures to your computer with following commands and then viewing the contents with Wireshark
copy /pcap capture:FTP-CAP tftp://x.x.x.x/FTP-CAP.pcap
copy /pcap capture:FTP-CAP-INTERNAL tftp://x.x.x.x/FTP-CAP-INTERNAL.pcap
You can remove the captures from the ASA with
no capture FTP-CAP
no capture FTP-CAP-INTERNAL
The ACLs will have to be removed separately.
These captures should give you a picture what happens to the FTP connection.
- Jouni
Maybe you are looking for
-
Outlook does not have any duplicates in Contacts, Calendar, or Notes yet when synced to IPhone get duplicates in all three Reset Phone, delselected all three and resynced no help. Removed all three from Outlook and synced and all three were now empty
-
Has anyone had any success with Dynamic Routing on SoaSuite 11.1.1.6. Either through a mediator or through a BPEL Phase activity? This has been posted previously but I haven't seen a solution yet The error I get is Non Recoverable Business Fault : Fa
-
my screen went black with the iTunes log and USB stick on after iTunes took a reserve copy. Hard reset or reboot does not work. What can I do next?
-
Seeking a fingerprint sensor driver for hp dv5-1170el windows 8 64 bit!
Hello! I upgraded an HP dv5-1170el in windows 8 pro 64bit! I can not find a compatible driver for the detector footprints! From what we found on the net drovebbe be the model Validity VFS101, correct me if I'm wrong! I tried to install the driver for
-
How do I transfer song info in iTunes Library back to mp3 files?
1. some info of my songs in my itunes library is different from the info stored in the respective mp3 files 2. I want the song info in the itunes library to be preserved 3. but when I play a song in iTunes, iTunes would automatically obtain song info