FTP(S) transfer sites

The following table describes the FTP(S) protocol options for a transfer site.

Field Description
Site Settings
Server The host name or IP address of the remote server to connect to for file transfers. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields.
Port The port on the remote server to be used for file transfers. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields.
Alternative addresses

This set of options allow you to add, delete and set a priority order of alternative endpoints. These endpoints act as backup alternatives to the configured Server-Port Site Settings and are particularly useful in cases of transfer failures. Specifying alternative endpoints as backup servers provides a way to temporarily reroute pending transfers and minimize the risk of transfer failure. As with the Server-Port site settings, the connection to each alternative endpoint is defined by its host name (or IP address) and port number.

  • To add an alternative server endpoint, click New Address. The Alternative Addresses table expands with a new row, that allows you to enter a hostname (or IP address), a port number and save these changes.
  • To delete an alternative server endpoint, select the corresponding check-box on the same row and click Delete.
  • To reorder the list of alternative endpoints, click Reorder. A new option (upward and downward arrow) appears next to each entry. You must hover with the mouse pointer over this newly appeared option and the mouse pointer will assume the "move" shape: a four-directional arrow pointer. This indicates which alternative endpoint is on focus. You can now drag & drop it up and down to the order number you want it at. Perform this action with other alternative endpoints until the list is ordered according to your needs. When you are done, click Save Order to keep the newly changed order.
Note Visibility of this option is controlled with the value set for the TransferSite.AlternativeAddresses.retryPolicy configuration option. It allows you to set a "retry policy" with a list of alternative endpoints (presented in IP address: Port number pairs or hostname) you define on this screen. But before you are able to do so, you must go to Operations > Server Configuration and set the policy type using either of the following values:
  • AllHostsOnEachRetry – with this policy SecureTransport iterates through each endpoint, one by one, starting with the first in the list. If connection not successful, SecureTransport will continue trying each endpoint one after another until the maximum number of retries is reached. You can set the maximum retry value by editing the EventQueue.maxRetryCount configuration option.
  • OneHostOnEachRetry – with this policy SecureTransport tries to connect to the first endpoint in the list. If connection not successful, SecureTransport will continue trying that endpoint until the maximum number of retries is reached; and then will move to the next one in the list. Following that same pattern, SecureTransport will try each endpoint until success; or until end of list. You can set the maximum retry value by editing the EventQueue.maxRetryCount configuration option.
  • Disabled (default) – this is the default value that keeps the table with endpoints entirely hidden from view.
Network Zone

The network zone that defines the proxies to use for transfers through this site.

  • Select none to connect directly to the remote FTP server.
  • Select any to allow SecureTransport to select the proxy connection using a network zone that enables an SOCKS5 proxy.
  • Select Default to use the default network zone proxy configuration. If no default is network zone is defined, transfers from this transfer site fail.
  • Select a specific network zone to use the proxy configuration defined for that zone.

For more information, see Specify TM Server communication ports and IP address for protocol servers on SecureTransport Edge.

Enable Active Connection Mode Determines whether passive or active connection mode is used by SecureTransport for server-initiated transfers over FTP. When selected, Active FTP is used.
Download Folder

The folder on the remote server from which the file are transferred.

If Advanced Expression is selected for Download Folder, the download folder is evaluated using expression language.

To use the expression language to append dates:

The download folder will be evaluated using the current date when the transfer site is being executed. For example folder_20150130.

Example:

folder_${date("yyyyMMdd")}

Download Pattern

The pattern used to match file names to determine whether a file is downloaded. Asterisk (*) matches zero or more characters and question mark (?) matches one character.

If Advanced Expression is selected for Download Pattern, the download pattern is evaluated using expression language.

To evaluate the download pattern using dates:

The download pattern will be evaluated using the current date when the transfer site is being executed. For example *_20150130.txt. This will match all files ending with _20150130.txt.

Example:

*_${date("yyyyMMdd")}.txt

Allow Overwrite Taken into account when the site is used by Send To Partner step. If checked the value of "Upload folder" will be overwritten with the value of "Overwrite upload folder". For more details see Advanced Routing.
Upload Folder The folder on the remote server to which files are transferred.

Transfer Settings

The Transfer Settings options allow you to define various transfer settings with your current transfer site.

Field Description
Transfer Settings
Transfer Mode

Specify whether data is transferred as ASCII or binary. You can also choose to have SecureTransport automatically determine the correct transfer mode.

For more information about automatically determining transfer mode, see Transfer mode for server-initiated transfers.

Upload command

Define the FTP command to be used in requests when server-initiated transfers are executed:

STOR - select to use the STOR command for server-initiated transfers.

APPE - select to use the APPE command for server-initiated transfers.

Note STOR is the default command for FTP server-initiated transfers.
 Upload command is reported to Axway Sentinel and displayed in the Protocol Parameter attribute.
Transcode any line terminators in ASCII mode When checked it forces SecureTransport to transcode any sequence of line terminators when ASCII mode is used.
Use FTPS Deselect to use FTP instead of FTPS.
Verify certificate for the Site Select to verify that the remote system is trusted. This option is displayed when Use FTPS is selected.
Clear Command Channel Select to accept and process a Clear Command Channel subcommand. If the user is authorized to perform the command, send a confirmation message, and change the control connection transmission mode to clear text. This option is displayed when Use FTPS is selected.
TLS Shutdown on CCC

Perform a TLS shutdown upon receiving a Clear Command Channel subcommand. This option is displayed when Clear Command Channel is selected.

Note When closing a TLS connection, such as when issuing a CCC command, each party is required to send a close_notify before closing the connection. This is mandated by RFC 2246. If both the client and server do not acknowledge that the TLS connection is ending they may be susceptible to a TLS truncation attack. From a security standpoint, Axway recommends that both TLS shutdowns be checked when configuring the transfer site CCC option. When performing FTP transfers to a remote SecureTransport Server, you must configure Ftp.CCC.TlsShutdownInitiator for the server. As a result the client sends Close notify and the server responds with Close notify, the server-initiated transfer is successful, and the partners are not susceptible to a TLS truncation attack.
Enable FIPS Transfer Mode

Restrict FTPS to use only FIPS 140-2 Level 1 certified cryptographic libraries. This option is displayed when Use FTPS is selected.

When you enable FIPS transfer mode, the panel expands with an additional field that lets you specify the desired set of cipher suites to be used in FIPS mode for server-initiated transfers through this site. By default, this set is populated with the cipher suites as defined in the Ftps.FIPS.SIT.Ciphers configuration option.

You can add or remove cipher suites. The supported FIPS cipher suites from which you can select when adding a new one are listed in FIPS transfer mode. Note that both the sender and the recipient must use supported FIPS ciphers suites. Otherwise, the transfer will fail.

SITE command Enter a SITE command. You use this command to provide services specific to your system that are not available as FTP commands.

Site Login Credentials

The Site Login Credentials options allow you to define credentials and / or add a certificate for login to the FTP(S) server.

Field Description
Site Login Credentials
User Name The user name to log in to the FTP server. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields.
Use Password Select to use a password to log in to the FTP server.
Password Password used to log in to the FTP server.
Certificate A private certificate for SecureTransport to use to log in to the FTP server. You can select a certificate or import a certificate. This field is displayed when Use FTPS is selected.

Post Transmission Settings: Send Options

The Send Options allow you to define post transmission actions on success and failure.

Field Description
Send Options
Send File As Select the check box to specify a file name. You can use the expression language to specify the criteria you want to match. The expression uses the criteria provided to create a new file name from the original file name.
On Temporary Failure A temporary failure can occur when the transfer is incomplete and a retry occurs. Select one of the three choices: No Action, Delete Destination File, or Move File To. Selecting No Action causes the file to stay in the new location with the file name you specified. If another file with the same name is transferred to this location, the original file is overwritten. Selecting Delete Destination File removes the file from the new location. Selecting Move File To requires you to specify a directory in the location where you are transferring the files to and to provide an expression used to rename the file.
On Failure A failure occurs when the transfer is incomplete and all retry attempts were unsuccessful. Select one of the three choices: No Action, Delete Destination File, or Move File To. Selecting No Action causes the file to stay in the new location with the file name you specified. If another file with the same name is transferred to this location, the original file is overwritten. Selecting Delete Destination File removes the file from the new location. Selecting Move File To requires you to specify a directory in the location where you are transferring the files to and to provide an expression used to rename the file.
On Success Select one of the choices: No Action, or Move File To. Selecting No Action causes the file to stay in the new location with the file name you specified. If another file with the same name is transferred to this location, the original file is overwritten. Selecting Move File To requires you to specify a directory in the location where you are transferring the files to and to provide an expression used to rename the file.
Note To preserve the original file name when using the Move File To option, use the ${stenv.target} or ${stenv['target']} expressions.

Post Transmission Settings: Receive Options

The Receive options allow you to define post transmission actions on success and failure.

Field Description
Receive Options
Receive File As Select the check box to specify a file name. You can use the expression language to specify the criteria you want to match. The expression uses the criteria provided to create a new file name from the original file name when the transfer is received. You can use the SecureTransport-specific variable ${stenv.site_target} which takes the value from the remote file path. see Expression Language for information on SecureTransport-specific variables.
On Failure A failure occurs when the transfer is incomplete and all retry attempts were unsuccessful. Select one of the three choices: No Action, Delete Source File, or Move File To. Selecting No Action causes the file to stay in the original location. If another file with the same name is transferred to this location, the original file is overwritten. Selecting Delete Source File removes the file from the original location. Selecting Move File To requires you to specify a directory in the location where you are transferring the files from and to provide an expression used to rename the file.
On Success Select one of the three choices: No Action, Delete Source File, or Move File To. Selecting No Action causes the file to stay in the original location. If another file with the same name is transferred to this location, the original file is overwritten. Selecting Delete Source File removes the file from the original location. Selecting Move File To requires you to specify a directory in the location where you are transferring the files from and to provide an expression used to rename the file.
Note To preserve the original file name when using the Move File To option, use the ${stenv.target} or ${stenv['target']} expressions.

Advanced SSL Settings

Advanced SSL settings allow you to define Cipher suites and SSL protocols with your current FTP(S) Transfer Site.

Field Description
Show Advanced SSL Settings
Cipher suites

The set of cipher suites available with the current FTP(S) transfer site for secure SIT connection. By default this set is populated with the cipher suites as defined in the Ftps.SIT.Ciphers configuration option.

To reset to default values, click the button next to the tooltip.

Enabled SSL protocols

The available SSL protocols for secure SIT connection with the current FTP(S) transfer site. By default this option uses the SSL protocols as defined in the Ftps.SIT.EnabledProtocols configuration option.

To reset to default values, click the button next to the tooltip.

Supported Active / Passive FTP(S) connections

This table describes the supported Active/Passive FTP(S) connection modes for client/server-initiated transfers over FTP(S).

FTP Exchange type Active FTP mode supported Passive FTP mode supported
Client initiated via Edges Yes Yes
Server initiated via Edges No Yes
Server initiated - no Edges/direct connection Yes Yes

Related topics:

Related Links