Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Attempting to decrypt a PGP encrypted file FTPed through ISA 2004 SP3

Status
Not open for further replies.
Sep 15, 2003
38
I am attempting to successfully decrypt an ASCII-armored, PGP encrypted file sent via passive mode FTP in ASCII transfer mode from an AS/400 V5R3 server to a test FTP server running McAfee E-Business Server 8.5.2 in my perimeter network proxied through an ISA 2004 SP3 server, and the proxy is initiated through SOCKS v4.

The file is originally encoded in EBCDIC (since it is generated on the AS/400 V5R3 server) and is converted to ASCII with carriage return line feeds (CRLF) inserted as record separators before the file is encrypted into the ASCII-armored format using Trailblazer ZMOD Exchange EDI-INT v3.1.

Since the CRLFs are inserted, through most of my testing I have not used the 'Text encode output' setting. I did attempt enabling the setting thinking that maybe there were still some LFs in there that were being converted to CRLFs and causing the integrity check to fail, but that didn't work either.

The ISA Server 2004 SP3 server is configured with a firewall rule (after the two default rules 'Local Host Access' and 'VPN Clients to Internal Network') to allow all internal traffic to the perimeter network with the 'Network Relationship' currently set to 'NAT', although I have tried setting it to the only other setting of 'Route' to no avail. In 'Application Filters', the 'FTP Access Filter' and 'SOCKS v4 Filter' are set to 'Enabled'. NOTE: I'm not that well-versed in either ISA or routing and switching.

If the file is sent directly to the test FTP server, the file decrypts just fine. If the file is sent through the proxy, we receive Decode Error 32: Decryption error. I haven't been able to find anything more on the error code or a way to enable more detailed logging of the decryption process to figure out exactly where the error is occurring.



Thanks,
-Big T
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top