FTPS
Fields with the asterisk * are mandatory.
PORT *
Enter the port to connect to the server. This is the TCP/IP port the server will listen to in the STENG node.
PORT RANGE
Enter the range for the ports the server will listen to.
SERVER KEYLABEL *
Enter the Key identifier about keystore store to select Private Key and Certificate to create SSL connection.
ACTIVE DATA CONNECTION LOCAL ADDRESS
Enter the local address for active data connection.
PASSIVE EXTERNAL ADDRESS
This field must be filled in only if OPERATING MODE is set to PASSIVE and will contain the address used for passive connections. If the server is behind NAT, insert the external IP address.
MAX SESSION
Specify the maximum number of active sessions.
CONNECTION TIMEOUT
Define the number of seconds without network activity to wait before closing a session due to inactivity. Default value: 60.
ACTIVE DATA CONN LOCAL OUTPORT
If the OPERATING MODE is set to ACTIVE, enter the port the client must connect to.
REQUIRE CLIENT AUTHENTICATION
Enable the toggle button if you want the server to require SSL Client Authentication to the client that is connecting. If enabled, the CLIENT CERTIFICATION MATCH field appears and the appropriate option must be selected in the drop-down menu – details in the field here below.
CLIENT CERTIFICATION MATCH
This field appears if the REQUIRE CLIENT AUTHENTICATION button is enabled. It defines if the Certificate required for Client Authentication will be matched and how. Possible values: - NONE: the Certificate will not be matched. The presence of a valid Certificate is enough to proceed. This is the less secure option. - CNEQUALS (default value): the Common Name field of the Certificate must be exactly the same as the user name. This is the most restrictive option. - CNCONTAINS: the Common Name field of the Certificate must contain the user name.
OPERATING MODE
How data connection is established, possible values: - ACTIVE (default value) - PASSIVE When setting the “Active mode file transfer”, the client will establish a control connection to the server and the server will establish a data connection back to the client. With “Passive mode file transfer”, the client will establish both a control connection and a data connection to the server.
DATA PROTECTION
Data channel protection. Possible values: - PROTECTED: Force data channel protection - CLEARTEXT: No data channel protection
SSL CONTROL
Possible values: - EXPLICIT (recommended) - IMPLICIT Selecting EXPLICIT, an explicit SSL/TLS connection will be set via AUTH command. Selecting IMPLICIT, an implicit SSL/TLS connection will be set. Most FTP/S Servers listen for implicit connections to port 990.
AUTHENTICATION PROTOCOL
Select the SSL authentication protocol. Possible values: - ALL - ONLY SPECIFIC VALUES: SSLv3 TLSv1 TLSv1_1 TLSv1_2 TLSv1_3 SSLv2Hello
ACCEPTED CIPHER SUITES
NONE (default)
No session proxying through DMZ Gateway applied.
PORT_FORWARDING
Incoming/Outgoing connections to/from STENG server will be proxied inside an SSL tunnel without being validated in advance. DMZ PROXY PORT *: This port represents the tunnel that is opened for connection with the STENG Server.
SESSION_TERMINATION
🚀 To change any DMZ port of an FTPS server that belongs to a peer, select the server you want to update. Next, click the pencil icon in the top-right corner of the server card. Enter the new port or ports in the appropriate fields. Finally, click the SAVE button to confirm your changes. Remember that the new port number will only affect the peer's selected server.
Last updated