SECURE FTP CONFIGURATION SETUP GUIDE



Similar documents
HOW TO CONNECT TO FTP.TARGETANALYSIS.COM USING FILEZILLA. Installation

Basic Exchange Setup Guide

How to setup FTP and Secure FTP for XD Series

HOW TO RETRIEVE FILES FROM THE TARGET ANALYTICS FTP SITE

Basic Exchange Setup Guide

Quick Start Guide. Cerberus FTP is distributed in Canada through C&C Software. Visit us today at

Quick Reference Guide. Online Courier: FTP. Signing On. Using FTP Pickup. To Access Online Courier.

File Space / Web Space / Database Space - Self-Service Allocation August 2009

Information & Communication Technologies FTP and GroupWise Archives Wilfrid Laurier University

smartoci User Guide Secure FTP for Catalog Loads

CASHNet Secure File Transfer Instructions

State of Michigan Data Exchange Gateway. SSLFTP/SFTP client setup

Xerox FreeFlow Digital Publisher Information Assurance Disclosure. Onsite, Cloud and epublishing Configurations

Sysax Multi Server User manual

Accessing Personal Web Folders Macon State College

HP Device Manager 4.6

Secure Transfers. Contents. SSL-Based Services: HTTPS and FTPS 2. Generating A Certificate 2. Creating A Self-Signed Certificate 3

Unifying Information Security. Implementing TLS on the CLEARSWIFT SECURE Gateway

SimpleFTP. User s Guide. On-Core Software, LLC. 893 Sycamore Ave. Tinton Falls, NJ United States of America

Experian Secure Transport Service

User's Guide. Product Version: Publication Date: 7/25/2011

Setup Instructions for Secure Hummingbird FTP

F-Secure Messaging Security Gateway. Deployment Guide

Welcome to the TransPerfect Translations Secure File Transfer Website What is Secure FTP?

FTP Service Reference

How To - Implement Clientless Single Sign On Authentication with Active Directory

[CERBERUS FTP SERVER 6.0]

Plesk 11 Manual. Fasthosts Customer Support

Ad Hoc (Temporary) Accounts Instructions

Lab Configure and Test Advanced Protocol Handling on the Cisco PIX Security Appliance

EDS*ELIT FTP/s Quick Start Guide

OCS Virtual image. User guide. Version: Viking Edition

Configuring Sponsor Authentication

Export & Backup Guide

DSI File Server Client Documentation

FTP Service Reference

F-SECURE MESSAGING SECURITY GATEWAY

File transfer clients manual File Delivery Services

Use Enterprise SSO as the Credential Server for Protected Sites

FTP, IIS, and Firewall Reference and Troubleshooting

Bluesocket virtual Wireless Local Area Network (vwlan) FAQ

Minnesota Health Care Programs (MHCP) MN-ITS User Guide Using MN ITS Batch. Secure FTP General Information.

ShareFile Security Overview

fåíéêåéí=péêîéê=^çãáåáëíê~íçêûë=dìáçé

SFTP Server User Login Instructions. Open Internet explorer and enter the following url:

Accessing the FTP Server - User Manual

Sonian Getting Started Guide October 2008

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

PIX/ASA 7.x: Enable FTP/TFTP Services Configuration Example

Integrating LANGuardian with Active Directory

If you examine a typical data exchange on the command connection between an FTP client and server, it would probably look something like this:

How to Configure Captive Portal

MCTS Guide to Microsoft Windows Server 2008 Applications Infrastructure Configuration (Exam # )

FL EDI SECURE FTP CONNECTIVITY TROUBLESHOOTING GUIDE. SSL/FTP (File Transfer Protocol over Secure Sockets Layer)

How To Troubleshoot A Log And Event Manager Reports On Windows (Windows) (Windows 7) (Powerbook) (X86) (Apple) (Mac) (Amd64) (For Windows) (Ms

2X ApplicationServer & LoadBalancer Manual

How To - Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment

Security. TestOut Modules

Global Knowledge MEA Remote Labs. Remote Lab Access Procedure

Quickstart guide to Authentication

Transferring Your Internet Services

Install FileZilla Client. Connecting to an FTP server

SaaS Encryption Enablement for Customers, Domains and Users Quick Start Guide

TECHNICAL NOTE TNOI27

Immotec Systems, Inc. SQL Server 2005 Installation Document

Online Backup Client User Manual Mac OS

Online Backup Client User Manual Mac OS

Introduction Connecting Via FTP Where do I upload my website? What to call your home page? Troubleshooting FTP...

Configure Backup Server for Cisco Unified Communications Manager

II. Implementation and Service Information

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

Plesk Panel HEAnet Customer Guide

How To Set Up A Backupassist For An Raspberry Netbook With A Data Host On A Nsync Server On A Usb 2 (Qnap) On A Netbook (Qnet) On An Usb 2 On A Cdnap (

Exchange Outlook Profile/POP/IMAP/SMTP Setup Guide

Reference and Troubleshooting: FTP, IIS, and Firewall Information

CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities

Click Studios. Passwordstate. Password Discovery, Reset and Validation. Requirements

qliqdirect Active Directory Guide

ASA 8.3 and Later: Enable FTP/TFTP Services Configuration Example

2X ApplicationServer & LoadBalancer Manual

Sophos UTM Web Application Firewall for Microsoft Exchange connectivity

Step-by-Step Configuration

Integrated Citrix Servers

Connecting to the School of Computing Servers and Transferring Files

Secure Web Appliance. SSL Intercept

RSA SecurID Ready Implementation Guide

Royal Mail Business Integration Gateway Specification

Access Instructions for United Stationers ECDB (ecommerce Database) 2.0

CreationDirect. Clearstream file transfer connectivity solutions

Product Manual. Administration and Configuration Manual

Setting Up SSL on IIS6 for MEGA Advisor

Methods available to GHP for out of band PUBLIC key distribution and verification.

Installation and configuration guide

Updated: 7/10/2013 Author: Tim Unten

MailEnable Connector for Microsoft Outlook

Configuration Guide. BES12 Cloud

freesshd SFTP Server on Windows

Canon WFT-E1 (A) Wireless File Transmitter. Network Support Guide

IBM Aspera Add-in for Microsoft Outlook 1.3.2

Transcription:

SECURE FTP CONFIGURATION SETUP GUIDE

CONTENTS Overview... 3 Secure FTP (FTP over SSL/TLS)... 3 Connectivity... 3 Settings... 4 FTP file cleanup information... 5 Troubleshooting... 5 Tested FTP clients for MS Windows & UNIX / Linux platforms... 8 FileZilla... 10 w: www.communicatorcorp.com 2

OVERVIEW When sharing customer data, it is always recommended that data is transferred using the File Transfer Protocol (FTP). This provides a secure way of transferring data and allows for compliance with our data security policy. This guide provides the background to FTP and also supplies the settings required to connect to the FTP site which Communicator has provided you. SECURE FTP (FTP OVER SSL/TLS) Secure FTP (FTP over SSL/TLS) comes under many guises. Communicator only supports the use of FTPES (explicit mode) and FTPS (implicit mode).these 2 connection types should not be confused with other types of connections called SSH FTP or SFTP. These connection methods pass data via the Secure Shell (SSH) protocol which is not compatible with enhanced secure technologies like SSL certificates. Secure FTP works in a similar way as the security on websites. Both methods use SSL certificates which are assigned by a trusted authority, encrypt data over the connection and ensure that the company who owns the domain is who they say they are. The ability to resume FTP uploading/downloading to/from Communicator s servers is supported; this resume capability is dependent upon the FTP client feature set. If the FTP client supports this feature, resumes will automatically be enabled. CONNECTIVITY Communicator does not support the use of the Active transport Mode in line with recommendations across the Internet community; all file transfer connections are configured for passive mode only. The vast majority of new FTP clients are preconfigured to use the "AutoDetect" mode; this will automatically re-configure the FTP client to use the supported transport mode of "Passive". Due to the nature that the passive transport mode works, you may need to open up a range of ports on your firewall to enable connectivity to Communicator s FTP servers. If you are unsure of how to perform this action, please contact your IT Department for further information. The below tables show the information required to allow access to the FTP service. Please be aware that the majority of FTP connectivity issues are caused by incorrect firewall rule configuration. w: www.communicatorcorp.com 3

SETTINGS Due to the wide range of potentially supported configurations Communicator only supports the following configuration: FTPES (EXPLICIT MODE) - PREFERRED METHOD Host/Destination : (current IP address 62.216.253.139*) TCP Port : 21 (FTP Control Channel) TCP Ports : 49152 65535 (FTP Data Channel) FTPS (IMPLICIT MODE) Host/Destination : (current IP address 62.216.253.139*) TCP Port : 990 (FTP Control Channel) TCP Ports : 49152 65535 (FTP Data Channel) *IMPORTANT NOTE To enhance security between the user and Communicator, the user can configure their firewall rules to have an inbound/outbound rule that only uses the information defined above and only allowing traffic between the user's external IP address and Communicator's external IP address, thereby restricting potential abuse by external sources. Please note that Communicator may in time change the external IP address associated with. For this reason, where possible, please reference the host name rather than the IP address. Communicator recommends that users connect to Communicator s secure FTP servers using explicit mode (sometimes referred to as FTPES in older FTP clients). This mode uses the same control port as normal FTP TCP Port 21, and TCP Data Ports: 49152 65535 (inclusive). COMPATIBILITY NOTE: To help protect Communicator against any potential security threats, the SYST command has been blocked, and all directory listings are displayed in the standard UNIX format. Communicator will not divulge whether they are running UNIX or Windows Operating Systems. w: www.communicatorcorp.com 4

FTP FILE CLEANUP INFORMATION Any files that are stored in the user FTP area are automatically deleted after 14 days. TROUBLESHOOTING The following sections discuss solutions to queries that Communicator regularly receives about its secure FTP service. CONNECTIVITY / LOGON PROBLEMS Basic DOS and UNIX / Linux FTP programs do not support secure FTP communication. To connect to the FTP servers, use a valid FTP client which supports FTPS (explicit or implicit mode). See the end of this document, for tested clients on a number of platforms. UNIX / Linux platform by default support SFTP or FTP over SSH; however Communicator only supports FTP over SSL / TLS. For UNIX / Linux platforms please use either a client which supports this functionality (see supported clients later on in document) or integrate OpenSSL in to your environment. Verify FTP connectivity by going to a DOS prompt and type: ftp If this is successful, a message is shown which is similar to the below screenshot: Note UNIX / Linux commands can also be used but may look different to below. If a prompt for the username is not displayed, check with your IT department to ensure the correct rules are applied to the firewall. w: www.communicatorcorp.com 5

FTP USER ACCOUNT RELATED FTP account passwords are case sensitive. If connectivity fails at the username/password stage, ensure the password is entered correctly and in the same case as defined by the Communicator Support Team. If the password is correct, ensure that the username has been entered correctly. Please ensure that spaces do not appear before or after the username or password. If this still doesn't work, please contact the Communicator Support Team to request that they reset your FTP password and attempt the connection again. Sometimes if a user has attempted to connect to Communicator's FTP servers unsuccessfully a number of times, the server s cache will become confused and keep denying access even if the logon credentials are correct. Please wait 5-10 minutes and try to connect again. Communicator's FTP servers support resume capability. If for any reason the connection is dropped during the uploading or downloading of a file, the upload/download will continue from the last position that was received by the FTP server. SSL CERTIFICATE WARNINGS On the first connection to Communicator's FTP servers using FTP client FileZilla the user may receive a warning about an "Unknown Certificate", saying: "The server's certificate is unknown. Please carefully examine the certificate to make sure the server can be trusted". This is an issue with FileZilla not automatically supporting the use of domain wildcard certificates. The user can check the checkbox saying they trust this connection and remember for future use. If this is not acceptable, please use an alternative FTP client w: www.communicatorcorp.com 6

FIREWALL RELATED If you are able to connect to Communicator's FTP servers yet attempts to perform directory listings or upload/downloads fail, this is normally due to the firewall not allowing all the TCP data ports. The firewall has to be configured to allow TCP port 21, and TCP ports: 49152 65535 (all inclusive). There is a known issue with all versions of Microsoft ISA Server. If the client has the FTP access filter enabled, they will need to disable this to allow secure FTP sessions. This is located under the configuration > add-ins section of the ISA Server management console, as shown below. If you do not want to disable the application filter, you can create a custom Port definition which is configured to an access rule, but is not assigned to the FTP access filter. This will allow both normal FTP traffic and secure FTP traffic. Please note that this change is not supported by Communicator or by Microsoft. If the user can t successfully establish a connection to the FTP servers, the user's corporate firewall may be denying the FTP connection; some companies don t allow outbound FTP access by default. If this is the case, see the above section about Connectivity. If you are running a Cisco security appliance (such as a PIX firewall) you will be unable to connect to the secure FTP servers as Cisco do not currently support this. Cisco recommends one possible workaround in this situation. This is to use an FTP client that supports the use of a "clear command channel" while still using TLS/SSL to encrypt the data channel. With this option enabled, the PIX should be able to determine what port needs to be opened. http://www.cisco.com/en/us/products/hw/vpndevc/ps2030/products_qanda_item 09186a00805b87d8.shtml#q13 w: www.communicatorcorp.com 7

TESTED FTP CLIENTS FOR MS WINDOWS & UNIX / LINUX PLATFORMS The basic DOS / Linux FTP utilities do not support establishing connections over FTP over SSL/TLS. You will need to use a 3rd party client or write your own FTP application. Below is a list of some of the FTP clients that have been tested in Windows and Linux platforms and support FTP over SSL. FILEZILLA - HTTP://FILEZILLA-PROJECT.ORG/DOWNLOAD.PHP Host: Server Type: Transfer Mode MS Windows FTPES FTP over Explicit TLS/SSL Passive Mode Port 21 CLASSICFTP - HTTP://WWW.NCHSOFTWARE.COM/CLASSIC/INDEX.HTML FTP Server: Use Secure FTP (Explicit SSL): MS Windows Checked ALEX FTPS CLIENT - HTTP://WWW.CODEPLEX.COM/FTPS MS Windows (command line), Linux Command ftps h ssl all l CUTEFTP - HTTP://WWW.CUTEFTP.COM/DOWNLOADS/CUTEFTPPRO.ASPX Host Address: Protocol Type: MS Windows FTP with SSL (AUTH SSL - Explicit) Port: 21 w: www.communicatorcorp.com 8

CORE FTP LE - HTTP://WWW.COREFTP.COM/DOWNLOAD.HTML Host / IP / URL communicatorcorp.com PASV: Connection: MS Windows Checked AUTH TLS SSLFTP- HTTP://NETWINSITE.COM/SURGEFTP/DOWNLOAD2.HTM#SSLFTP Host / IP / URL: PASV: Connection: SSL Options: MS Windows / MS-DOS PASV: Checked Connection: AUTH TLS SSL Listings - Checked, SSL Transfer - Checked KFTPGRABBER - HTTP://WWW.KFTP.ORG/ Host: Protocol: Linux FTP over TLS/SSL (explicit) Port: 21 SSLFTP - HTTP://NETWINSITE.COM/SURGEFTP/DOWNLOAD2.HTM#SSLFTP Host: Protocol: UNIX / Linux FTP over TLS/SSL (explicit) Port: 21 w: www.communicatorcorp.com 9

FILEZILLA As FileZilla is commonly used by Communicator clients, we have provided step by step instructions of how to connect to your FTP account using this program. As above, firstly download FileZilla from http://filezilla-project.org/download.php. Once downloaded, click on File and Site Manager. In the General tab: enter as the Host. leave the Port field empty select FTPS - FTP over implicit TLS/SSL in the Server Type select Normal as the Logon Type enter your username in the User field enter your password in the Password field leave the Account and Comments fields blank Please note, a username and password will have been specifically provided for FTP. This is not the same as your Communicator login details. For any queries, please contact Communicator Support on +44 (0)844 870 8974. w: www.communicatorcorp.com 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information