0 votes
by (120 points)
edited

Hi,

We use a HTTP Proxy (NTLM Authentification).

following code generates the error

An unhandled exception of type 'Rebex.Net.FtpException' occurred in Rebex.Net.Ftp.dll

Additional information: Error 502 returned by a HTTP proxy (Proxy Error ( The specified Secure Sockets Layer (SSL) port is not allowed. ISA Server is not configured to allow SSL requests from this port. Most Web browsers use port 443 for SSL requests. )).

Dim client As Ftp = New Ftp

client.Proxy.ProxyType = FtpProxyType.HttpConnect
client.Proxy.Host = "proxy"
client.Proxy.Port = 8080
client.Proxy.UserName = "DOMAIN\USER"
client.Proxy.Password = "PASSWORD"

client.Connect("FTPSERVER", 21)

Any idea's ?

Sven Peeters

Applies to: Rebex FTP/SSL

1 Answer

0 votes
by (13.0k points)
edited

This is probably caused by the default behavior of Microsoft ISA server, which only allows requests to ports 443 and 563 using its HTTP Connect method. (Primary use of HTTP Connect is to allow SSL connections to HTTPS servers).

The Microsoft Knowledge Base article Q283284 addresses this issue.

To access FTP sites through ISA server's HTTP proxy, access to all ports must be allowed. FTP's control connection port is 21 by default, but data connections can use virtually any port, because it is assigned by the FTP server. (Although allowing port 21 and ports >1024 should be enough, there might be exceptions.)

To allow connections to all ports through the HTTP proxy, following VB script must be run on the ISA server:

set isa=CreateObject("FPC.Root")
set arraypolicy=isa.Arrays.GetContainingArray.ArrayPolicy
set tprange=arraypolicy.WebProxy.TunnelPortRanges
set tmp=tprange.AddRange("FTP", 1, 65535)
tprange.Save

After the script is run and "Microsoft Firewall Service" ("Microsoft ISA Server Control" in earlier versions) is restarted, it should work.

by (120 points)
Hi, As I stated, I have no access to the ISA-Server. But how can that LeechFTP can use the same proxy to connect to the FTP-server without any problems. Regards, Sven Peeters
by (147k points)
Hello, please check out http://www.rebex.net/ftp.net/faq.aspx#proxy_http - it looks like LeechFTP might be using the HTTP protocol to access FTP servers over the proxy, which is not supported by Rebex FTP (because no FTP protocol is actually being used). Does LeechFTP produce any log to make it possible to tell whether this is the case or not?
...