The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Why doesn't Internet Explorer prompt for authentication when connecting to non-anonymous FTP servers?
Environment: Cisco Web Security Appliance (WSA), all versions of AsyncOS
Note: This Knowledge Base article references software which is not maintained or supported by Cisco. The information is provided as a courtesy for your convenience. For further assistance, please contact the software vendor.
This is a known limitation with Internet Explorer 7 & 8 and web proxies when using FTP over HTTP. There are certain scenarios where Internet Explorer 6 will not prompt as well.
In this scenario the WSA sends a "401 Authentication Required" requesting for user credentials, but Internet Explorer never prompts the user for credentials. As a result, Internet Explorer will show you an error page indicating that authentication against the FTP server has failed.
As indicated in the Microsoft TechNet article, the workaround is to prepend USERNAME and PASSWORD onto the URL. For example: ftp://USERNAME:PASSWORD@ftp.example.com.
Please note, Internet Explorer will NOT allow you to add certain characters, such as the '?' into the password in the URL. If your password includes a character not allowed to be entered in URL, you must encode it into a "URL encoded" value: ftp://username:Pass%3F@ftpsite.com.