Publish Secure FTP & FTP through ISA 2006

First thing you need to do is download and install a SFTP server, I use EFT Server 6.0 from here.

Once you install EFT Server, you need to configure a few things using the Wizard. You can use EFT Server as SFTP & FTP, ports 22 & 21 respectively. In ISA 2006, there are a couple of things to keep in mind, The FTP Access Filter which is enabled by default won’t work with SFTP because the connection is encrypted and ISA won’t be able to access it. The other thing is you need to do is edit the filter of the FTP Server protocol and disable Read Only.

SNAG-0062 SNAG-0063

For SFTP & FTP to be published to the one server, you will need 3 rules, one for FTP, one for SFTP & one for the PASV ports.

Create the first one, Publish a Non-Web Server protocol and point this to the internal IP address of the SFTP server.



These 3 rules above are all mostly defaults, except you need to change this setting below on ALL 3 rules, requests appear to come from the ISA Server computer.


The FTP Server protocol will look like this (this should be already installed by default):


The SFTP protocol will look like this (you will need to create this one):


The FTP PASV protocol will look like this (you will need to create this one):


For the PASV ports, you need to set these same ports on the EFT Server.

Open the console for EFT Server, under the localhost, click on your site. The click the connections tab on the right.


Click on the FTP/S Config button


Then tick the box Assign PASV mode IP address, and change the port range to match up with the ISA rule, you can use any ports, I used 5000-5003.

This is pretty much it, ISA should pass through the connections to the SFTP/FTP server normally.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s