OFTP transport configuration

A community can use an OFTP transport to trade messages with partners. The following paragraphs describe the fields in the exchange wizard for adding OFTP trading pickups and trading deliveries.


OFTP V1 server or polling fields

The following are the fields for adding an OFTP V1 delivery in a community.

Transport type

Select the option for receiving messages from remote partners:

  • Define a new embedded OFTP server. Add an embedded server for clients to connect to and send messages to the community. Go to Network type.
  • Select a partner OFTP exchange to poll. Poll a partner’s server for inbound messages to retrieve. Click Next and select the server to poll. Then click Next if you want to name the exchange. Otherwise, click Finish.

Network type

Select the network protocol. The options are:

  • TCP. Transmission Control Protocol is the basic communications protocol of the Internet.
  • X.25. An ITU-T standard protocol suite for packet-switched wide area network communications.
  • X.25 over ISDN (B-channel). Integrated Services Digital Network broadband channel supports data transfers over telephone networks.

If you select an X.25 option, you are prompted to select a router. You can select an existing router or add one to use.

X.25 router configuration

The following fields display only if you select to add an X.25 router. For more about X.25 see Use X.25 with OFTP.

  • Friendly name – The name of this router. A meaningful name is suggested. If not specified, B2Bi uses a name in the following format: Router on [host name or IP].
  • Host – The fully qualified domain name or IP address of the internal interface of the router. It must be accessible from all B2Bi nodes.
  • Maximum concurrent outbound connections – The maximum number of outbound X.25 connections that can be made by this router. This is tied to the X.25 network’s number of allowed virtual channels and bandwidth.
    • Be careful when specifying this value: Virtual channels are used for both inbound and outbound connections, and OFTP requires receipts to be delivered. For example, if the maximum number of channels is 10, set this value to 4. This makes sure at least 6 channels stay available for receipts and inbound connections, if any.
  • SNMP community password – The SNMP password with at least read-only rights over the SNMP tables in the router.

ISDN router and controller configuration

The following fields display only if you select to add an ISDN router and controller definition. For more about X.25 over ISDN see Use X.25 over ISDN.

  • Friendly name – The name of this router. A meaningful name is suggested. If not specified, B2Bi uses a name in the following format: Router on <host name or IP>.
  • Host – The fully qualified domain name or IP address of the internal interface of the router. It must be accessible from all B2Bi nodes.
  • Remote CAPI port – The TCP port for the remote CAPI service on the router. This is used to remotely control the ISDN features of the router. The factory default value for the R4300 is 2662.
  • Controller index – The physical number of the ISDN controller within the router, which is roughly equivalent to a physical ISDN modem connected to one ISDN line. Numbering starts at 1, but there can be empty slots (for instance, only one controller with index 2 can be installed).
  • Controller description – The name for this controller. A meaningful name is suggested. If not specified, B2Bi uses a name in the following format: Controller <index> on <host name or IP>.
  • Maximum concurrent outbound connections – The maximum number of outbound ISDN physical calls that can be made on the B-channels by this controller. This is tied to the ISDN network’s number of B-channels (2 for BRI, 24 or 30 for PRI).
    • Be careful when specifying this value: The B-channels are used for both inbound and outbound calls, and OFTP requires receipts to be delivered. For example, if the maximum number of B-channels is 2, set the value to 1 to make sure at least 1 channel is available for receipts and inbound connections, if any.

See the following figure: OFTP V1 embedded server in delivery exchange wizard.

The "Configure the Odette FTP V1 server" page of the Exchange Wizard.

OFTP V1 server fields (TCP)

The following are the server fields, unless you selected X.25 or X.25 over ISDN. See OFTP V1 server fields (X.25 or X.25 over ISDN).

  • Server name – The name for the embedded OFTP server. This can be any name you want.
  • SSID identification code – The start session identification (SSID) of the local or remote party. Trading partners exchange SSIDs to identify each other in the protocol handshake and session setup.
  • Port – If TCP, the port on which the server listens for connections.
  • OFTP protocol version – The protocol version being used (1.3 or 1.4).
  • Partner uses RFC 2204, not RFC 5024 – For OFTP V1 only when protocol version is 1.3, this option indicates the protocol release level (SSIDLEV) to use for the trading partner. Select this option if the partner uses the RFC 2204 implementation. This means the SSIDLEV field in the start session (SSID) command has a value of 1. Do not select this option if the partner uses the RFC 5024 implementation. This means the SSIDLEV field in the SSID command has a value of 2. (Note that in either case the exchange point is being defined for OFTP protocol revision level 1.3.)
  • Clients must use TLS to connect to this server – Select this option to set up Transport Layer Security for the OFTP delivery exchange. When selected, the following sub-field displays.
    • This server requires client authentication – If you selected TLS, select this check box to require your partners to submit a certificate to verify their identity before the delivery exchange allows the connection.
  • Set OFTP session password – Enter a password only when required. The password can be no longer than eight alphanumeric characters and is case sensitive.
    • If this is an exchange for receiving messages from a partner, your community presents this password to the partner. The password is compared to the one the partner has stored for your community.
    • If this is an exchange for sending messages to a partner, the partner must present this password to your community. The password is compared to the one your community has stored for the partner.
    • In either case, the passwords must match to establish the connection.

Click Next if you want to name the exchange. Otherwise, click Finish.

OFTP V1 server fields (X.25 or X.25 over ISDN)

  • Server name – The name for the embedded OFTP server. This can be any name you want.
  • SSID identification code – The start session identification (SSID) of the local or remote party. Trading partners exchange SSIDs to identify each other in the protocol handshake and session setup.
  • Server network user address – The NUA to wait for an incoming call via OFTP V1 X.25.
  • Subscriber number – The subscriber number this embedded server answers to. This is the number as seen by the ISDN router. Typically, prefix digits (international, external line) have been removed by the telecom equipment. Check with your telecom operator for the correct number.
  • OFTP protocol version – The protocol version being used (1.3 or 1.4).
  • Partner uses RFC 2204, not RFC 5024 – For OFTP V1 only when protocol version is 1.3, this option indicates the protocol release level (SSIDLEV) to use for the trading partner. Select this option if the partner uses the RFC 2204 implementation. This means the SSIDLEV field in the start session (SSID) command has a value of 1. Do not select this option if the partner uses the RFC 5024 implementation. This means the SSIDLEV field in the SSID command has a value of 2. (Note that in either case the exchange point is being defined for OFTP protocol revision level 1.3.)
  • Set OFTP session password – Enter a password only when required. The password can be no longer than eight alphanumeric characters and is case sensitive.
    • If this is an exchange for receiving messages from a partner, your community presents this password to the partner. The password is compared to the one the partner has stored for your community.
    • If this is an exchange for sending messages to a partner, the partner must present this password to your community. The password is compared to the one your community has stored for the partner.
    • In either case, the passwords must match to establish the connection.

Click Next if you want to name the exchange. Otherwise, click Finish.

OFTP V2 server or polling fields

The following are the fields for adding an OFTP V2 delivery in a community.

Transport type

Select the option for receiving messages from remote partners:

  • Define a new embedded OFTP server. Add an embedded server for clients to connect to and send messages to the community. Go to OFTP V2 server fields.
  • Select a partner OFTP exchange to poll. Poll a partner’s server for inbound messages to retrieve. Click Next and select the server to poll. Then click Next if you want to name the exchange. Otherwise, click Finish.

See the following figure: add OFTP V2 embedded server in delivery exchange wizard.

The "Configure the Odette FTP V2 server" page of the Exchange Wizard.

OFTP V2 server fields

  • Server name – The name for the embedded OFTP server. This can be any name you want.
  • SSID identification code – The start session identification (SSID) of the local or remote party. Trading partners exchange SSIDs to identify each other in the protocol handshake and session setup.
  • Port – The TCP port on which the server listens for connection requests. This field does not apply to OFTP V1 X.25.
  • OFTP protocol version – The protocol version.
  • Require secure OFTP authentication – For OFTP V2 only, this is an extra layer of security to enable senders and receivers to validate each other as genuine. There are two requirements to enable secure OFTP authentication:
    • Both the sender and receiver must enable secure OFTP authentication. If one party turns it on and the other party does not, a protocol error is generated and the session between the parties is disconnected.
    • Both the sender and receiver must be using certificates. These are the normal certificates used by a community and its partners to securely exchange messages. These are not TLS certificates, which are additional certificates needed if TLS is configured for a delivery exchange.
    • This is how the authentication works: The initiator of the connection uses the partner’s public key to encrypt and send a short, random message to the partner. The partner decrypts the message with its private key and sends the message back. The initiator compares the response to the original message. If the messages match, the initiator has authenticated the partner. The partner repeats the process to validate the initiator.
  • Clients must use TLS to connect to this server – Select this option to set up Transport Layer Security for the OFTP delivery exchange. When selected, the following sub-field displays.
    • This server requires client authentication – If you selected TLS, select this option to require your partners to submit a certificate to verify their identity before the delivery exchange allows the connection.
  • Set OFTP session password – Enter a password only when required. The password can be no longer than eight alphanumeric characters and is case sensitive.
    • If this is an exchange for receiving messages from a partner, your community presents this password to the partner. The password is compared to the one the partner has stored for your community.
    • If this is an exchange for sending messages to a partner, the partner must present this password to your community. The password is compared to the one your community has stored for the partner.
    • In either case, the passwords must match to establish the connection.

Click Next if you want to name the exchange. Otherwise, click Finish.

OFTP V1 client fields

The following are the fields in the delivery exchange wizard for configuring this transport. These are the fields for adding an OFTP V1 delivery for a partner.

OFTP transport type

  • Define a new external OFTP server – Set up the delivery exchange to connect to an external server to send messages to a remote partner. See Network type.
  • Select the partner OFTP exchange to share – Set up the delivery exchange to connect to an external server already in use by another remote partner. See Select partner OFTP exchange.

Select partner OFTP exchange

  • Partner OFTP exchange to share – Select the partner delivery exchange to share, if any are available. The available choices are OFTP V1 or OFTP V2 delivery exchanges for other partners. The user interface only allows selecting delivery exchanges of the same type being added. For example, if you are adding an OFTP V1 exchange, only OFTP V1 selections are available.
  • The user interface only allows selecting exchanges of unrestricted partners. For example, if your user is associated with a role that restricts accessing partner X, any OFTP exchanges owned by that partner are not available to share. However, if the exchange was shared before partner X became restricted, the sharing partner can still use the shared exchange, but cannot view or change the original exchange.

Click Next if you want to name the exchange. Otherwise, click Finish.

Network type

Select the network protocol. The options are:

  • TCP. Transmission Control Protocol is the basic communications protocol of the Internet.
  • X.25. An ITU-T standard protocol suite for packet-switched wide area network communications.
  • X.25 over ISDN (B-channel). Integrated Services Digital Network broadband channel supports data transfers over telephone networks.

If you select an X.25 option, you are prompted to select a router. You can select an existing router or add one to use.

X.25 router configuration

The following fields display only if you select to add an X.25 router. For more about X.25 see Use X.25 with OFTP.

  • Friendly name – The name of this router. A meaningful name is suggested. If not specified, B2Bi uses a name in the following format: Router on <host name or IP>.
  • Host – The fully qualified domain name or IP address of the internal interface of the router. It must be accessible from all B2Bi nodes.
  • Maximum concurrent outbound connections – The maximum number of outbound X.25 logical connections that can be made by this router. This is tied to the X.25 network’s number of allowed virtual channels and bandwidth.
    • Be careful when specifying this value: Virtual channels are used for inbound and outbound connections, and OFTP requires receipts to be delivered. For example, if the maximum number of channels is 10, set this value to 4. This makes sure at least 6 channels stay available for receipts and inbound connections, if any.
  • SNMP community password – The SNMP password with at least read-only rights over the SNMP tables in the router.

ISDN router and controller configuration

The following fields display only if you select to add an ISDN router and controller definition. For more about X.25 over ISDN see OFTP.

  • Friendly name – The name of this router. A meaningful name is suggested. If not specified, B2Bi uses a name in the following format: Router on <host name or IP>.
  • Host – The fully qualified domain name or IP address of the internal interface of the router. It must be accessible from all B2Bi nodes.
  • Remote CAPI port – The TCP port for the remote CAPI service on the router. This is used to remotely control the ISDN features of the router. The factory default value for the R4300 is 2662.
  • Controller index – The physical number of the ISDN controller within the router, which is roughly equivalent to a physical ISDN modem connected to one ISDN line. Numbering starts at 1, but there can be empty slots (for instance, only one controller with index 2 can be installed).
  • Controller description – The name for this controller. A meaningful name is suggested. If not specified, B2Bi uses a name in the following format: Controller <index> on <host name or IP>.
  • Maximum concurrent outbound connections – The maximum number of outbound ISDN physical calls that can be made on the B-channels by this controller. This is tied to the ISDN network’s number of B-channels (2 for BRI, 24 or 30 for PRI).
    • Be careful when specifying this value: The B-channels are used for inbound and outbound calls, and OFTP requires receipts to be delivered. For example, if the maximum number of B-channels is 2, set the value to 1 to make sure at least 1 channel is available for receipts and inbound connections, if any.

See the following figure: add OFTP V1 (TCP) client in delivery exchange wizard.

The "Configure the Odette FTP V1 client settings" page of the Delivery Exchange Wizard.

OFTP settings

  • Hostname – If TCP, the fully qualified domain name or IP address of the OFTP server.
  • Partner ISDN number – For ISDN, the partner’s ISDN number. If prefixes are required to access an external line or an international number, include those in the number.
  • Port – The TCP port on which the server listens for connection requests. This field does not apply to OFTP V1 X.25.
  • SSID identification code – The start session identification (SSID) of the local or remote party. Trading partners exchange SSIDs to identify each other in the protocol handshake and session setup.
  • OFTP protocol version – The protocol version being used (1.3 or 1.4).
  • Remote network user address – The NUA of the remote partner’s server to connect to (OFTP V1 X.25 only).
  • Charge called party instead of caller – When this check box is selected, and when supported by the carrier and accepted by the partner upon call establishment, the called party is charged for the call instead of the caller (OFTP V1 X.25 only).
  • Partner uses RFC 2204, not RFC 5024 – For OFTP V1 only when protocol version is 1.3, this option indicates the protocol release level (SSIDLEV) to use for the trading partner. Select this option if the partner uses the RFC 2204 implementation. This means the SSIDLEV field in the start session (SSID) command has a value of 1. Do not select this option if the partner uses the RFC 5024 implementation. This means the SSIDLEV field in the SSID command has a value of 2. (Note that in either case the exchange point is being defined for OFTP protocol revision level 1.3.)
  • Clients must use TLS to connect to this server – Select this to set up Transport Layer Security for the OFTP delivery exchange. When selected, the following sub-field displays.
    • Enable host name verification – If selected, B2Bi compares the name of the TLS server to the name in the server’s certificate to ensure they are the same. If you use DMZ nodes, we recommend against selecting this option. If host name verification is enabled, messages may fail because the client is connecting to the DMZ node and not to the B2Bi Server.
  • Set OFTP session password – Enter a password only when required. The password can be no longer than eight alphanumeric characters and is case sensitive.
    • If this is an exchange for receiving messages from a partner, your community presents this password to the partner. The password is compared to the one the partner has stored for your community.
    • If this is an exchange for sending messages to a partner, the partner must present this password to your community. The password is compared to the one your community has stored for the partner.
    • In either case, the passwords must match to establish the connection.

Note: If prompted, you can select a Secure Relay DMZ zone to route messages to the partner. This option displays only for transports for sending to partners when your user license supports Secure Relay and a DMZ zone has been added. For details, see Secure Relay DMZ nodes.

Click Next if you want to name the exchange. Otherwise, click Finish.
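
The SSID identification code, SSIDLEV and session password settings described for OFTP V1 can be checked against a captured start-session command. The Python below is an added example, not B2Bi code: the field offsets come from the SSID layout in RFC 5024, and the identification code, password and the `audit_ssid` arguments are constructed for illustration. It assumes the TCP stream transmission header has already been removed from the captured bytes.

```python
import hmac

SSID_LEN = 61
# name -> (offset, length); layout taken from RFC 5024, not from this page
FIELDS = {"SSIDLEV": (1, 1), "SSIDCODE": (2, 25), "SSIDPSWD": (27, 8)}


def build_ssid(level, code, password):
    """Build a constructed SSID; the remaining fields carry fixed sample values."""
    if len(level) != 1 or len(code) > 25 or len(password) > 8:
        raise ValueError("field too long for the SSID layout")
    body = "X" + level + code.ljust(25) + password.ljust(8)
    # buffer size, send/receive, compression, restart, special logic, credit
    body += "01024" + "B" + "N" + "N" + "N" + "099"
    body += " " * 5 + " " * 8 + "\r"  # reserved, user data, carriage return
    return body.encode("ascii")


def parse_ssid(raw):
    """Extract the fields this page configures from a 61-byte SSID command."""
    if len(raw) != SSID_LEN or raw[:1] != b"X" or raw[-1:] != b"\r":
        raise ValueError("not a well-formed SSID command")
    text = raw.decode("ascii")
    return {name: text[off:off + ln].rstrip() for name, (off, ln) in FIELDS.items()}


def audit_ssid(raw, *, partner_uses_rfc2204, partner_code, stored_password, tls):
    """Return findings; an empty list means the SSID matches the exchange settings."""
    fields = parse_ssid(raw)
    findings = []
    # Protocol version 1.3: SSIDLEV 1 for an RFC 2204 partner, 2 for RFC 5024.
    expected = "1" if partner_uses_rfc2204 else "2"
    if fields["SSIDLEV"] != expected:
        findings.append(f"SSIDLEV is {fields['SSIDLEV']}, exchange expects {expected}")
    if fields["SSIDCODE"] != partner_code:
        findings.append("unknown SSID identification code")
    password = fields["SSIDPSWD"]
    if password and not password.isalnum():
        findings.append("session password is not alphanumeric")
    # Case-sensitive, constant-time comparison with the stored password.
    if not hmac.compare_digest(password.encode(), stored_password.encode()):
        findings.append("session password mismatch")
    # The password is a plain field of the SSID, so without TLS it is readable
    # by anyone who can observe the connection.
    if password and not tls:
        findings.append("session password sent without TLS")
    return findings


# Constructed sample: an RFC 2204 style SSID arriving on a non-TLS exchange
# that is configured for an RFC 5024 partner.
SAMPLE = build_ssid("1", "O0055PARTNERA", "Secret01")

if __name__ == "__main__":
    for finding in audit_ssid(SAMPLE, partner_uses_rfc2204=False,
                              partner_code="O0055PARTNERA",
                              stored_password="Secret01", tls=False):
        print(finding)
```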

OFTP V2 client fields

The following are the fields in the delivery exchange wizard for configuring this transport. These are the fields for adding an OFTP V2 delivery exchange for a partner.

OFTP transport type

  • Define a new external OFTP server – Set up the delivery exchange to connect to an external server to send messages to a remote partner. See OFTP settings.
  • Select the partner OFTP exchange to share – Set up the delivery exchange to connect to an external server already in use by another remote partner. See Select partner OFTP exchange.

Select partner OFTP exchange

  • Partner OFTP exchange to share – Select the partner delivery exchange to share, if any are available. The available choices are OFTP V1 or OFTP V2 delivery exchanges for other partners. The user interface only allows selecting delivery exchanges of the same type being added. For example, if you are adding an OFTP V1 exchange, only OFTP V1 selections are available.
  • The user interface only allows selecting exchanges of unrestricted partners. For example, if your user is associated with a role that restricts accessing partner X, any OFTP exchanges owned by that partner are not available to share. However, if the exchange was shared before partner X became restricted, the sharing partner can still use the shared exchange, but cannot view or change the original exchange.

Click Next if you want to name the exchange. Otherwise, click Finish.

See the following figure: add OFTP V2 client in delivery exchange wizard.

The "Configure the Odette FTP V2 client settings" page of the Delivery Exchange Wizard.

OFTP settings

  • Hostname – If TCP, the fully qualified domain name or IP address of the OFTP server.
  • Port – The TCP port on which the server listens for connection requests. This field does not apply to OFTP V1 X.25.
  • SSID identification code – The start session identification (SSID) of the local or remote party. Trading partners exchange SSIDs to identify each other in the protocol handshake and session setup.
  • OFTP protocol version – The protocol version.
  • Require secure OFTP authentication – For OFTP V2 only, this is an extra layer of security to enable senders and receivers to validate each other as genuine. There are two requirements to enable secure OFTP authentication:
    • Both the sender and receiver must enable secure OFTP authentication. If one party turns it on and the other party does not, a protocol error is generated and the session between the parties is disconnected.
    • Both the sender and receiver must be using certificates. These are the normal certificates used by a community and its partners to securely exchange messages. These are not TLS certificates, which are additional certificates needed if TLS is configured for a delivery exchange.
    • This is how the authentication works: The initiator of the connection uses the partner’s public key to encrypt and send a short, random message to the partner. The partner decrypts the message with its private key and sends the message back. The initiator compares the response to the original message. If the messages match, the initiator has authenticated the partner. The partner repeats the process to validate the initiator.
    • Select a different encryption certificate for secure authentication – Select the partner certificate to use for secure authentication other than the default certificate.
  • Clients must use TLS to connect to this server – Select this to set up Transport Layer Security for the OFTP delivery exchange. When selected, the following sub-field displays.
    • Enable host name verification – If selected, the trading engine compares the name of the TLS server to the name in the server’s certificate to ensure they are the same. If you use DMZ nodes, we recommend against selecting this option. If host name verification is enabled, messages may fail because the client is connecting to the DMZ node and not to the B2Bi Server.
  • Set OFTP session password – Enter a password only when required. The password can be no longer than eight alphanumeric characters and is case sensitive.
    • If this is an exchange for receiving messages from a partner, your community presents this password to the partner. The password is compared to the one the partner has stored for your community.
    • If this is an exchange for sending messages to a partner, the partner must present this password to your community. The password is compared to the one your community has stored for the partner.
    • In either case, the passwords must match to establish the connection.

Note: If prompted, you can select a Secure Relay DMZ zone to route messages to the partner. This option displays only for transports for sending to partners when your user license supports Secure Relay and a DMZ zone has been added. For details, see Secure Relay DMZ nodes.

Click Next if you want to name the exchange. Otherwise, click Finish.
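
The secure OFTP authentication exchange described in the OFTP V2 server and client fields can be walked through in code. The Python below is an added example, not B2Bi code or the OFTP wire format: it substitutes unpadded textbook RSA over small demo keys for the certificate-based encryption a real exchange uses, and the `Party`, `challenge_peer` and `open_session` names are hypothetical.

```python
import hmac
import secrets

E = 65537  # public exponent shared by the demo keys


class ProtocolError(Exception):
    """Raised when only one side has secure authentication enabled."""


class Party:
    def __init__(self, name, p, q):
        # Demo key built from two known Mersenne primes: far too small and
        # unpadded for real use, where the key in the party's certificate is used.
        self.name = name
        self.n = p * q                           # public modulus
        self._d = pow(E, -1, (p - 1) * (q - 1))  # private exponent

    def answer(self, ciphertext):
        """Decrypt a challenge with the private key and send it back."""
        width = (self.n.bit_length() + 7) // 8
        return pow(ciphertext, self._d, self.n).to_bytes(width, "big")


def challenge_peer(peer_n, peer):
    """Check that `peer` holds the private key for the public modulus on file."""
    challenge = secrets.token_bytes(16)  # short, random, fresh for every attempt
    ciphertext = pow(int.from_bytes(challenge, "big"), E, peer_n)
    response = peer.answer(ciphertext)
    expected = challenge.rjust((peer_n.bit_length() + 7) // 8, b"\x00")
    return hmac.compare_digest(response, expected)


def open_session(initiator, responder, initiator_auth, responder_auth):
    """Run the mutual check; the two booleans are each side's configured setting."""
    if initiator_auth != responder_auth:
        raise ProtocolError("secure authentication enabled on one side only")
    if not initiator_auth:
        return True  # switched off on both sides: nothing to verify
    # The initiator validates the responder, then the roles are reversed.
    return (challenge_peer(responder.n, responder)
            and challenge_peer(initiator.n, initiator))


# Constructed demo parties. IMPOSTOR has a valid key of its own, but not the
# private key that matches PARTNER's public key.
COMMUNITY = Party("community", 2**89 - 1, 2**107 - 1)
PARTNER = Party("partner", 2**61 - 1, 2**127 - 1)
IMPOSTOR = Party("impostor", 2**521 - 1, 2**607 - 1)

if __name__ == "__main__":
    print("mutual authentication:", open_session(COMMUNITY, PARTNER, True, True))
    print("impostor accepted:", challenge_peer(PARTNER.n, IMPOSTOR))
```

The impostor case fails because the challenge is encrypted to the public key on file for the partner, so only the holder of the matching private key can return the original message.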
