In ISA Server 2004, a downstream server forwards an incorrect FTP URL to an upstream server

Consider the following scenario:

• A downstream server is running Microsoft Internet Security and Acceleration (ISA) Server 2004.
• The downstream server is chained to an upstream server.
• A client user tries to access a FTP site by using a URL that is in the following format:
  ftp://user name:password@FTP site
  Note The FTP site placeholder represents the FTP site that the user tries to access.
• The user name or password contains special characters, such as the number sign (#).

In this scenario, the downstream server forwards an incorrect URL to the upstream server. Specifically, extra double characters appear at the end of the user name or at the end of the password. For example, the user tries to access the FTP site by using the following URL:The downstream server forwards the following URL to the upstream server:Note In the forwarded URL, two extra "s" characters appear.

In this scenario, the user cannot access the FTP site as expected.

This problem occurs because ISA Server sends an incorrect URL to the upstream server. ISA Server is expected to send the incoming URL directly to the upstream server without any changes. Instead, ISA Server sends a partially decoded URL.

A hotfix package is available to resolve this problem.

For more information, click the following article number to view the article in the Microsoft Knowledge Base:

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.