Just setup FTP Accelerator access to an internal IIS server for the first
time. I am using the primary public IP address of our BM3.8 SP1a server.

I setup three additonal filters for reverse ftp as per Craigs book. Then
for testing purposes setup a application / ftp deny all rule. After this
I found that access from the public side to the internal ftp server was
still available ?

The rule applied is the first to be read. If I uncheck the servers public
IP address in the FTP Accelerator setup tab, access is nolonger available
which kind of says to me that it getting correctly passed through the ftp

Having never set this up before I'm not sure what to expect when an allow
rule is defined anyway. If it is based on an NDS object should some sort
of login dialog occur ?

The IIS server in question also has a secondary nat mapping to it's
private address for mail purposes. Could this be the reason why using FTP
Accel on the servers primary address doesn't invoke access rules ?

Many Thanks,