Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
New Member

FTP client which supports NTLM through WSA

We are looking into a FTP Client which supports NTLM in combination with
our WSA proxy servers.

With IE or Firefox browser it works fine.

Currently i.am testing Filzilla version 3.3.4.1 "http://filezilla-project.org" but i can't
seem to get it to work.

On the internet there is not much information available.

Anyone have expierence with FTP clients?

4 REPLIES
New Member

Re: FTP client which supports NTLM through WSA

Wish I could help, but unfortunately we are facing the same exact issue.

New Member

Re: FTP client which supports NTLM through WSA

Have contacted support and they gave me the following information:

###############################################################################################################################

You should be able to use the Filezilla FTP client along with NTLM authentication. The settings for Filezilla would depend on
the below factors & settings:

Using Native FTP Proxy on IronPort
1)      Check the Native FTP port and authentication mechanism configured on IronPort under:
a.       GUI --> Security Services --> FTP proxy
b.      Check the Port and authentication format
2)      Based on the authentication format, you would need to configure settings as the below knowledge-base article:
a.       http://tinyurl.com/nvbt5r

Using FTP over HTTP CONNECT in Filezilla
1)      You can configure this in Filezilla under:
a.       'Edit' --> 'Settings' --> Generic Proxy --> HTTP 1.1 Using CONNECT method
2)      In this section you can specify the NTLM credentials  in the below section:
a.       Proxy Username (DOMAIN\username) and Proxy password 

###############################################################################################################################

So i tried the native ftp option with

Ironport ftp port 8021 with checkpoint auth.

In filezilla under FTP Proxy,

Proxy host %ipaddress%:8021

Proxy user %domain%\%userid%

Proxy pas  **********

Then i get following in Filezilla log:

Status: Using proxy IPADDRESS:8021

Status: Connecting to IPADDRESS:8021...

Status: Connection established, waiting for welcome message...

Response: 220 FTP Server message!!!

Command: USER anonymous@domain\userid@microsoft.com: 331 User name okay, need password.

Response

Command: PASS ***************************

Response: 530 Login denied

Error: Critical error

Error: Could not connect to server

So i think the following part goes wrong:

Command: USER anonymous@domain\userid@microsoft.com

If i have the correct solution i wil post it here!

New Member

Re: FTP client which supports NTLM through WSA

We were actually able to get FileZilla to work.

Try using Ironport ftp port 8021 with raptor auth.

with

FileZilla

Under FTP Proxy set to

Custom and

     USER %u@%h %s
     PASS %p
     ACCT %w

Followed by your proxy host ip, proxy username and proxy password.

That seems to have solved the issue for us.

Good luck.

New Member

Re: FTP client which supports NTLM through WSA

Thanks for the reply,

I have it working now also with tnx to the Cisco Ironport engineers!

My setup was correct with the ckecpoint auth but i tested a user with a password that containt an "@" sign and

then it does not work!

The only problem we have is that the windows account is sent in clear text to the proxy server.

The only solution to this is to use FTP over HTTP CONNECT instead of Native FTP!

4111
Views
0
Helpful
4
Replies