Allowing FTP Uploads Through ISA Server 2004/2006

[LEFT][CODE]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006.aspx[/CODE]

[B][SIZE=2]Background[/SIZE][/B]
By default, when you create a new Firewall Policy with the FTP protocol included, this access rule will only permit to download from any FTP site, but
will not allow you to upload ( write ) to these FTP sites.
[B]Configuration[/B]

[LIST=1][*] [SIZE=2]Open [B]ISA Management Console[/B]

[/SIZE][*]Create a new Access rule, Right click [B]Firewall Policy [/B], then click on [B]New[/B] then choose [B]Access Rule [/B]( If you already have a [B]Firewall Policy [/B]for the FTP Protocol, then skip these steps and jump to step 14)[/LIST]
[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/New_Access_Rule.JPG[/IMG]

This also can be done from the [B]Right Pane[/B], under the [B]Tasks[/B] bar :
[SIZE=2]
[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/New_Access_Rule_2.JPG[/IMG]
[/SIZE]

[LIST][*] The [B]New Access Rule Wizard[/B] will be launched, give a name to your new rule , in this example we will name it Allow FTP R/W
( Read/ Write ), then click [B] Next[/B]

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/New_Access_Rule_Wizard.JPG[/IMG][/LIST]

[LIST][*] In the [B]Rule Action[/B] page, we choose which action we want to grant for our users, in this example we want to grant them the FTP access, so we choose [B]Allow[/B], then click [B] Next

[/B][*] In the [B]Protocols[/B] page, From the drop down list of [B]This Rule Applies To[/B], choose [B] Selected Protocols[/B],

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/New_Access_Rule_Wizard_protocol.JPG[/IMG]

click on [B]Add[/B] button, the [B]Add Protocol[/B] page will open, choose the FTP protocol and click on [B]Add[/B] , then click [B]Close[/B][SIZE=2]

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/Select_Protocol.JPG[/IMG]
[/SIZE][*] The FTP Protocol will be selected , click [B]Next
[/B]
[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/Select_Protocol_2.JPG[/IMG][SIZE=2] [*] On the [B]Access Rule Sources[/B] page, click the [B] Add[/B] button. In the [B]Add Network Entities[/B] dialog box, click on the [B]Networks[/B] folder. Double click on the [B]Internal[/B] network, then click the [B]Close[/B] button in the [B]Add Network Entities[/B] dialog box. Click [B]Next[/B] in the [B] Access Rule Sources[/B] dialog box.

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/choose_internal_network_source.JPG[/IMG] [*] [SIZE=2]Click the [B]Add[/B] button on the [B]Access Rule Destinations[/B] page. In the [B]Add Network Entities[/B] dialog box, click the [B]Networks[/B] folder. Double click the [B]External[/B] entry and click [B]Close[/B] in the [B]Add Network Entities [/B]dialog box. Click [B]Next[/B] on the [B]Access Rule Destinations[/B] page.

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/choose_external_network_destination.JPG[/IMG]
[/SIZE] [SIZE=2] [*] [SIZE=2]On the [B]User Sets[/B] page, accept the default setting of [B]All Users[/B].

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/All_Users_Condition.JPG[/IMG]

[/SIZE] [SIZE=2] [*] Review your settings and click [B]Finish[/B] on the [B]Completing the New Access Rule Wizard[/B] page.

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/Review_New_Access_Rule_Wizard.JPG[/IMG] [*] Click the [B]Apply[/B] button to save the changes and update the firewall policy. This button is located at the top of the Details pane
(the middle pane) of the console.

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/Apply_button.JPG[/IMG][/SIZE][/SIZE][/SIZE][*] [FONT=Arial] Your rule will look this :

[/FONT] [FONT=Arial] [IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/FTP_rule.JPG[/IMG][/FONT][*] The rule you have just created will only permit your to download anything from the FTP sites you visit, but will not allow you to upload, in order to have the ability to upload, follow the following steps
[SIZE=2] [*][SIZE=2] Right click your FTP Rule, then click on [B]Configure FTP[/B]

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/Configure_Ftp.jpg[/IMG]

[/SIZE] [*]In this page, remove the tick beside the [B]Read Only[/B], then click[B] OK[/B]

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/Ftp_Read_Only.jpg[/IMG] [*]Click the [B]Apply[/B] button to save the changes and update the firewall policy.

[IMG]http://www.elmajdal.net/ISAServer/Allowing_FTP_Uploads_Through_ISA_Server_2004_2006/Apply_button.JPG[/IMG][/SIZE][/LIST]
[FONT=Arial] [B]Summary
[/B]
[/FONT][FONT=Arial][SIZE=2]In this article, we learned how to create a new Access Rule to allow FTP through ISA server, we also learned why by default we can not upload to any[/SIZE] [SIZE=2]
ftp site and how to enable FTP uploads.[/SIZE][/FONT]

[/LEFT]