You get an “Access Denied” message while trying to modify files via FTP
This is a short one. Really short. ISA tricked me. Once more.
I have a setup with ISA Server 2006 where only certain people have access to outside FTP services. So I’ve setup a rule to just allow FTP for only these few users to the external network. A few days later people started complaining that connecting to FTP servers would succeed, reading files also but changing files on the servers always resulted in an “Access Denied” or “550″ message. Hum - that is strange.
After using the live monitoring feature of ISA and trying it myself over and over again (that actually took me two hours), I tried to see whether the “community” did encounter this before - and see, the solution is as easy as stupid:
Right-Click the FTP access rule, choose “Configure FTP” (Configure FTP! Believe it? How can anyone be *that* blind?) and untick the “Read-Only” box.
I had a similar issue, but I had to select the “FTP Access Filter” within the Application filter section in the Parameters tab of the actual protocol itself. This also took me a couple of hours to figure out.
-Eric
Yes, the FTP Application Filter is a requirement for SecureNAT Clients
Not sure about Web Proxy Clients
Not needed for Firewall Clients running the Firewall Client software which behaves as a universal Application Filter most of the time.