SecureTransport 5.4 Administrator Guide Save PDF Selected topic Selected topic and subtopics All content PeSIT transfer sites The following image is a snapshot of the Add Transfer Site page for a transfer site definition that uses the PeSIT transfer protocol. Unlike transfer sites for other transfer protocols, a PeSIT transfer site is also used for transfers initiated by the external PeSIT partner (considered client-initiated by SecureTransport). Only a Site Name value is required to define the partnership but it must not be used for transfers initiated by the SecureTransport server on which it is defined. For a PeSIT transfer site, the Site Name designates the destination for an incoming routed transfer. For more information, see Select a default PeSIT transfer site for routing. The following table describes the PeSIT protocol options for a transfer site. Field Description Remote Partner Settings This group of options is displayed right below your selection of Transfer Protocol: PeSIT. Host The host name or IP address of the remote server to connect to for file transfers. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields. Port The port on the remote server to be used for file transfers. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields. Alternative addresses Visibility of this option is controlled via a Server configuration option. This set of options allow you to add, delete and set a priority order of alternative endpoints. These endpoints act as backup alternatives to the configured Server-Port Site Settings and are particularly useful in cases of transfer failures. Specifying alternative endpoints as backup servers provides a way to temporarily reroute pending transfers and minimize the risk of transfer failure. As with the Server-Port site settings, the connection to each alternative endpoint is defined by its host name (or IP address) and port number. To add an alternative server endpoint, click New Address. The Alternative Addresses table expands with a new row, that allows you to enter a hostname (or IP address), a port number and save these changes. To delete an alternative server endpoint, select the corresponding check-box on the same row and click Delete. To reorder the list of alternative endpoints, click Reorder. A new option (upward and downward arrow) appears next to each entry. You must hover with the mouse pointer over this newly appeared option and the mouse pointer will assume the "move" shape: a four-directional arrow pointer. This indicates which alternative endpoint is on focus. You can now drag & drop it up and down to the order number you want it at. Perform this action with other alternative endpoints until the list is ordered according to your needs. When you are done, click Save Order to keep the newly changed order. Note Visibility of this option is controlled with the value set for the TransferSite.AlternativeAddresses.retryPolicy configuration option. It allows you to set a "retry policy" with a list of alternative endpoints (presented in IP address: Port number pairs or hostname) you define on this screen. But before you are able to do so, you must go to Operations > Server Configuration and set the policy type using either of the following values: AllHostsOnEachRetry – with this policy SecureTransport iterates through each endpoint, one by one, starting with the first in the list. If connection not successful, SecureTransport will continue trying each endpoint one after another until the maximum number of retries is reached. You can set the maximum retry value by editing the EventQueue.maxRetryCount configuration option. OneHostOnEachRetry – with this policy SecureTransport tries to connect to the first endpoint in the list. If connection not successful, SecureTransport will continue trying that endpoint until the maximum number of retries is reached; and then will move to the next one in the list. Following that same pattern, SecureTransport will try each endpoint until success; or until end of list. You can set the maximum retry value by editing the EventQueue.maxRetryCount configuration option. Disabled (default) – this is the default value that keeps the table with endpoints entirely hidden from view. Network Zone The network zone that defines the proxies to use for transfers through this site. Select none to connect directly to the remote partner server. Select any to allow SecureTransport to select the proxy connection using a network zone that enables an SOCKS5 proxy.SecureTransport Select Default to use the default network zone proxy configuration. If no default is network zone is defined, transfers from this transfer site fail. Select a specific network zone to use the proxy configuration defined for that zone. For more information, see Specify TM Server communication ports and IP address for protocol servers on SecureTransport Edge. Transfer Settings Please note that the options described appear on display when the Show Advanced Settings option is not selected. When you select the Show Advanced Settings checkbox, these options are moved under Network Settings. Use TLS/SSL Requires the use of TLS or SSL for communication with the partner server. When selected, additional fields appear on display. Verify partner's certificate Verify the TLS/SSL certificate of the partner site. This field is displayed when the Use TLS/SSL option is selected. When selected, SecureTransport verifies whether the server certificate of the partner is chained to a trusted root using the algorithm specified in AgentServers.Ssl.trustAlgorithm server configuration parameter and the certificates imported in the Trusted CAs store. Enable SSL Legacy Mode Requires the use of SSL Legacy mode for communication with the partner server. This field is displayed when the Use TLS/SSL option is selected. Enable FIPS Transfer Restrict PeSIT to use only FIPS 140-2 Level 1 certified cryptographic libraries. This field is displayed when the Use TLS/SSL option is selected. When you enable FIPS transfer mode, the panel expands with an additional field that lets you specify the desired set of cipher suites to be used in FIPS mode for server-initiated transfers through this site. By default, this set is populated with the cipher suites as defined in the Pesit.FIPS.SIT.Ciphers configuration option. You can add or remove cipher suites. The supported FIPS cipher suites from which you can select when adding a new one are listed in FIPS transfer mode. Note that both the sender and the recipient must use supported FIPS ciphers suites. Otherwise, the transfer will fail. Login certificate The local certificate to use when connecting to the partner site. By default, the usage of expired X509 certificates is allowed for SIT transfers. To forbid it, set the SIT.allowExpiredCertificates to false. Partner certificate The login certificate to use when authenticating the remote site. Advanced Settings Scroll down to the bottom of the screen and select Show Advanced Settings to expand the screen with additional options. Field Description Pre-connection settings You must have both Show Advanced Settings and Configure Pre-Connection selected for the following group of options to appear right below. PeSIT pre-connection settings allow you to map a server ID and password (Server Settings) to the corresponding client-side partner ID and password (Partner Settings). PeSIT pre-connection acts as a mechanism for additional verification prior to establishing a PeSIT connection. By default, the Configure Pre-Connection checkbox is not selected. If you leave it this way, the following rules apply, depending on the SecureTransport role in Pre-Connection phase: SecureTransport as Server – SecureTransport does not validate the received Partner ID and Partner Password. SecureTransport as Client – SecureTransport sends to the target PeSIT Server the Account name as a Partner ID and the Connection Partner Password (if specified) as Partner Password. When you select the Configure Pre-Connection checkbox you must add either Server or Partner Settings, or both. In all cases, the Id field is required and the Password field is optional. With the input of Server or Partner Settings, the following rules apply, depending on the SecureTransport role in the Pre-Connection phase: SecureTransport as Server – SecureTransport validates the received Partner ID and Partner Password against the configured Server ID and Server Password. SecureTransport as Client – SecureTransport sends the configured Partner ID and Partner Password to the target PeSIT Server. Server Settings These options appear when you select Pre-Connection settings. Server Id The ID against which the Server validates the received Partner ID during Pre-Connection phase. It can contain any symbols (up to 8 characters). Leading or trailing spaces will be trimmed. Password (optional) The password against which the Server validates the received Partner password during Pre-Connection phase. It can contain any symbols (up to 8 characters). White spaces are not allowed. Leading or trailing spaces will be trimmed. Re-enter Password Retype the password you configure for pre-connection to your PeSIT server. Partner Settings These options appear when you select Pre-Connection settings. Partner Id The ID that the PeSIT client sends during Pre-Connection phase. It can contain any symbols (up to 8 characters). Leading or trailing spaces will be trimmed. Password (optional) The password that the PeSIT client sends during Pre-Connection phase. It can contain any symbols (up to 8 characters). White spaces are not allowed. Leading or trailing spaces will be trimmed. Re-enter Password Retype the password you configure for pre-connection to your PeSIT transfer site. Connection Settings Server Password Setting To use a server password, select Use Password and type the same password in both fields. The password is required when a remote partner connects to this Server and password authentication is used. Valid passwords are string values consisting of one to eight characters. Partner Password Settings To use a partner password, select Use Password and type the password in the field provided. The password is required when this Server connects to a remote partner. Valid passwords are string values consisting of one to eight characters. Transfer Settings These options appear when you select Show Advanced Settings. Please note that when you have not selected the Show Advanced Settings checkbox, a different group of options is presented, as described here. Compression Enables horizontal online compression, vertical online compression, or both for transfers initiated by the SecureTransport Server. If the partner PeSIT server does not supports the selected compression, no compression is used for these transfers. SecureTransport support all types of compression for transfers initiated by the partner PeSIT server. Resync Allowed Enables dynamics resynchronization of exchanges during transfer, without interrupting the data exchange phase. Checkpoint Interval The maximum number of bytes in KB (equals 1024 bytes) that the sender may transmit between two consecutive checkpoints. Checkpoints are used to restart the transfer when required. A value of zero indicates no checkpoints. A value of 65535 indicates an undefined interval. Checkpoint Window The greatest difference allowed between the number of the last checkpoint transmitted and the number of the last checkpoint acknowledged. When this number of checkpoints are not acknowledged, the sender suspends data transmission until it receives a checkpoint acknowledgment. A value of zero indicates that no acknowledgments are required. Connection Timeout When SecureTransport acts as a client, the value of this field specifies the amount of time (in seconds) that SecureTransport will wait for an acknowledgment for a transfer. Default value: the value specified in the Pesit.Client.Inactivity.Timeout configuration option. Accepted values: positive integers. If specified, the Connection Timeout value overwrites the Pesit.Client.Inactivity.Timeout value. PeSIT Buffer size The size of the internal buffer for this transfer site in bytes. Valid values are 512 to 65535. A larger buffer improves performance. Specifies the maximum size of a PeSIT data element (PI 25). Should be greater than 800 bytes and less than 65535. User Message Send A string sent as PI 99 when the SecureTransport Server initiates a file transfer to the partner PeSIT server. The field may contain expressions. The tool tip lists valid expressions. If SecureTransport received the file using PeSIT, it retained the values of all the PeSIT PI codes as metadata and the PeSIT expression language variables contain those values. See also Expression Language, especially PeSIT variables. The string that results from the evaluation of the expression must be at most 512 characters long. User Message Receive A string included in messages sent when the SecureTransport Server initiates a file transfer from the partner PeSIT server. The field may contain expressions. The string that results from the evaluation of the expression must be at most 512 characters long. Store and Forward Mode Select the Store and Forward mode: START_NEW or PRESERVE. Note The Store and Forward mode selected here can be overwritten from the Send To Partner step settings. Originator In case of SecureTransport initiating a new Store and Forward transfer, this property specifies the originator (PI61) of the transfer. Note The originator specified in the PeSIT transfer site can be overwritten from the Advanced Routing Send To Partner step setting Originator. In case no value is specified in both this filed and the Advanced Routing Send To Partner step setting Originator, PI61 is blank. When the PRESERVE store and forward mode is selected, this field is disabled as PI preserves the PI61 value. Final Destination In case of SecureTransport initiating a new Store and Forward transfer, this property specifies the final destination (PI62) of the transfer. Note The final destination specified in the PeSIT transfer site can be overwritten from the Advanced Routing Send To Partner step setting Final Destination. In case no value is specified in both this field and the Advanced Routing Send To Partner step setting Final Destination, PI62 is blank. When the PRESERVE store and forward mode is selected, this field is disabled as PI preserves the PI62 value. Network Settings These options appear when you select Show Advanced Settings. Note The following settings: Use TLS/SSL onward are described here. Simultaneous transfers The maximum number of simultaneous transfers from this transfer site to remote PeSIT systems. A value of zero means no limit. Parallel TCP connections The number of TCP connections to make for parallel TCP (pTCP) to accelerate transfers. Parallel TCP package size The pTCP packet size in bytes. Socket Send / Receive Buffer Size The size of the pTCP buffers in bytes. Specifies the TCP Socket maximum send and receive buffer size in bytes. This setting corresponds to SO_SNDBUF and SO_RCVBUF socket parameters. pTCP connection retry count The number of attempts SecureTransport makes for each TCP connection for pTCP. When the value of the Host field is the address of load balancer for a remote PeSIT cluster, set this field to connections * (nodes - 1), where: connections is the value of the Parallel TCP Connections field nodes is the number of nodes in the remote PeSIT cluster SecureTransport reties the connections until all connections are with the same PeSIT remote server. It specifies the maximum times the SecureTransport will attempt to re-establish a connection with the remote server in case of "Unknown session" error. This is useful in cases where the remote partner is a PeSIT cluster, the address in the transfer site represents the load balancer in front of the PeSIT cluster and the individual nodes behind the Load Balancer are not accessible. In such environment, all connections have to arrive on the same partner node. Depending on the load balancing configuration different number of retries or no retries (sticky session LB configuration) might be required. Note The options displayed below pTCP connection retry count are described here. Advanced SSL Settings Scroll down to the bottom of the screen and click the Show Advanced SSL Settings to expand the screen with additional options. The following table provides brief description on the Advanced SSL Settings: Field Description Show Advanced SSL Settings Cipher suites The set of cipher suites available with the current PeSIT transfer site for secure SIT connection. By default this set is populated with the cipher suites as defined in the Pesit.SIT.Ciphers configuration option. To reset to default values, click the button next to the tooltip. Enabled SSL protocols The available SSL protocols for secure SIT connection with the current PeSIT transfer sites. By default this list is populated with the SSL protocols as defined in the Pesit.SIT.EnabledProtocols configuration option. To reset to default values, click the button next to the tooltip. The following sectiion provides how-to instructions for selecting a default PeSIT transfer site for routing: Select a default PeSIT transfer site for routing Select a default PeSIT transfer site for routing SecureTransport implements PeSIT routing as an intermediate partner by sending a received file to a PeSIT transfer site specified as the destination of the PeSIT transfer. SecureTransport matches the specified destination to the names of the transfer sites for the account that receives the file. If a transfer site name matches, SecureTransport transfers the file to that site. No subscription is required. If no transfer site name matches and a default PeSIT transfer site is defined, SecureTransport transfers the file to that site. If there is no default site, SecureTransport checks the Routing Mode value for the account. When set to Reject, the transfer is rejected before it starts. When set to Accept, the transfer is performed and the file is retained locally. If it is Ignore, a transfer that cannot be routed is ignored. When SecureTransport routes a transferred file to a final PeSIT destination, SecureTransport includes PI 61 and PI 62. Select Accounts > User Accounts. The User Accounts page is displayed. Click the name of the account for which you want to set the default transfer site. Click the Transfer Site tab. Select the check box next to the name of the PeSIT transfer site to make the default. Click Set PeSIT Default. The default is indicated in the transfer site list. Related topics: Transfer site properties AS2 transfer sites Connect:Direct transfer sites File services interface protocol transfer sites Folder Monitor transfer sites FTP(S) transfer sites Generic HTTP transfer sites HTTP(S) transfer sites SharePoint transfer sites SSH transfer sites System to Human transfer sites Manage transfer sites Related Links
PeSIT transfer sites The following image is a snapshot of the Add Transfer Site page for a transfer site definition that uses the PeSIT transfer protocol. Unlike transfer sites for other transfer protocols, a PeSIT transfer site is also used for transfers initiated by the external PeSIT partner (considered client-initiated by SecureTransport). Only a Site Name value is required to define the partnership but it must not be used for transfers initiated by the SecureTransport server on which it is defined. For a PeSIT transfer site, the Site Name designates the destination for an incoming routed transfer. For more information, see Select a default PeSIT transfer site for routing. The following table describes the PeSIT protocol options for a transfer site. Field Description Remote Partner Settings This group of options is displayed right below your selection of Transfer Protocol: PeSIT. Host The host name or IP address of the remote server to connect to for file transfers. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields. Port The port on the remote server to be used for file transfers. You cannot enter spaces-only values in this field. For more information, see Spaces in required fields. Alternative addresses Visibility of this option is controlled via a Server configuration option. This set of options allow you to add, delete and set a priority order of alternative endpoints. These endpoints act as backup alternatives to the configured Server-Port Site Settings and are particularly useful in cases of transfer failures. Specifying alternative endpoints as backup servers provides a way to temporarily reroute pending transfers and minimize the risk of transfer failure. As with the Server-Port site settings, the connection to each alternative endpoint is defined by its host name (or IP address) and port number. To add an alternative server endpoint, click New Address. The Alternative Addresses table expands with a new row, that allows you to enter a hostname (or IP address), a port number and save these changes. To delete an alternative server endpoint, select the corresponding check-box on the same row and click Delete. To reorder the list of alternative endpoints, click Reorder. A new option (upward and downward arrow) appears next to each entry. You must hover with the mouse pointer over this newly appeared option and the mouse pointer will assume the "move" shape: a four-directional arrow pointer. This indicates which alternative endpoint is on focus. You can now drag & drop it up and down to the order number you want it at. Perform this action with other alternative endpoints until the list is ordered according to your needs. When you are done, click Save Order to keep the newly changed order. Note Visibility of this option is controlled with the value set for the TransferSite.AlternativeAddresses.retryPolicy configuration option. It allows you to set a "retry policy" with a list of alternative endpoints (presented in IP address: Port number pairs or hostname) you define on this screen. But before you are able to do so, you must go to Operations > Server Configuration and set the policy type using either of the following values: AllHostsOnEachRetry – with this policy SecureTransport iterates through each endpoint, one by one, starting with the first in the list. If connection not successful, SecureTransport will continue trying each endpoint one after another until the maximum number of retries is reached. You can set the maximum retry value by editing the EventQueue.maxRetryCount configuration option. OneHostOnEachRetry – with this policy SecureTransport tries to connect to the first endpoint in the list. If connection not successful, SecureTransport will continue trying that endpoint until the maximum number of retries is reached; and then will move to the next one in the list. Following that same pattern, SecureTransport will try each endpoint until success; or until end of list. You can set the maximum retry value by editing the EventQueue.maxRetryCount configuration option. Disabled (default) – this is the default value that keeps the table with endpoints entirely hidden from view. Network Zone The network zone that defines the proxies to use for transfers through this site. Select none to connect directly to the remote partner server. Select any to allow SecureTransport to select the proxy connection using a network zone that enables an SOCKS5 proxy.SecureTransport Select Default to use the default network zone proxy configuration. If no default is network zone is defined, transfers from this transfer site fail. Select a specific network zone to use the proxy configuration defined for that zone. For more information, see Specify TM Server communication ports and IP address for protocol servers on SecureTransport Edge. Transfer Settings Please note that the options described appear on display when the Show Advanced Settings option is not selected. When you select the Show Advanced Settings checkbox, these options are moved under Network Settings. Use TLS/SSL Requires the use of TLS or SSL for communication with the partner server. When selected, additional fields appear on display. Verify partner's certificate Verify the TLS/SSL certificate of the partner site. This field is displayed when the Use TLS/SSL option is selected. When selected, SecureTransport verifies whether the server certificate of the partner is chained to a trusted root using the algorithm specified in AgentServers.Ssl.trustAlgorithm server configuration parameter and the certificates imported in the Trusted CAs store. Enable SSL Legacy Mode Requires the use of SSL Legacy mode for communication with the partner server. This field is displayed when the Use TLS/SSL option is selected. Enable FIPS Transfer Restrict PeSIT to use only FIPS 140-2 Level 1 certified cryptographic libraries. This field is displayed when the Use TLS/SSL option is selected. When you enable FIPS transfer mode, the panel expands with an additional field that lets you specify the desired set of cipher suites to be used in FIPS mode for server-initiated transfers through this site. By default, this set is populated with the cipher suites as defined in the Pesit.FIPS.SIT.Ciphers configuration option. You can add or remove cipher suites. The supported FIPS cipher suites from which you can select when adding a new one are listed in FIPS transfer mode. Note that both the sender and the recipient must use supported FIPS ciphers suites. Otherwise, the transfer will fail. Login certificate The local certificate to use when connecting to the partner site. By default, the usage of expired X509 certificates is allowed for SIT transfers. To forbid it, set the SIT.allowExpiredCertificates to false. Partner certificate The login certificate to use when authenticating the remote site. Advanced Settings Scroll down to the bottom of the screen and select Show Advanced Settings to expand the screen with additional options. Field Description Pre-connection settings You must have both Show Advanced Settings and Configure Pre-Connection selected for the following group of options to appear right below. PeSIT pre-connection settings allow you to map a server ID and password (Server Settings) to the corresponding client-side partner ID and password (Partner Settings). PeSIT pre-connection acts as a mechanism for additional verification prior to establishing a PeSIT connection. By default, the Configure Pre-Connection checkbox is not selected. If you leave it this way, the following rules apply, depending on the SecureTransport role in Pre-Connection phase: SecureTransport as Server – SecureTransport does not validate the received Partner ID and Partner Password. SecureTransport as Client – SecureTransport sends to the target PeSIT Server the Account name as a Partner ID and the Connection Partner Password (if specified) as Partner Password. When you select the Configure Pre-Connection checkbox you must add either Server or Partner Settings, or both. In all cases, the Id field is required and the Password field is optional. With the input of Server or Partner Settings, the following rules apply, depending on the SecureTransport role in the Pre-Connection phase: SecureTransport as Server – SecureTransport validates the received Partner ID and Partner Password against the configured Server ID and Server Password. SecureTransport as Client – SecureTransport sends the configured Partner ID and Partner Password to the target PeSIT Server. Server Settings These options appear when you select Pre-Connection settings. Server Id The ID against which the Server validates the received Partner ID during Pre-Connection phase. It can contain any symbols (up to 8 characters). Leading or trailing spaces will be trimmed. Password (optional) The password against which the Server validates the received Partner password during Pre-Connection phase. It can contain any symbols (up to 8 characters). White spaces are not allowed. Leading or trailing spaces will be trimmed. Re-enter Password Retype the password you configure for pre-connection to your PeSIT server. Partner Settings These options appear when you select Pre-Connection settings. Partner Id The ID that the PeSIT client sends during Pre-Connection phase. It can contain any symbols (up to 8 characters). Leading or trailing spaces will be trimmed. Password (optional) The password that the PeSIT client sends during Pre-Connection phase. It can contain any symbols (up to 8 characters). White spaces are not allowed. Leading or trailing spaces will be trimmed. Re-enter Password Retype the password you configure for pre-connection to your PeSIT transfer site. Connection Settings Server Password Setting To use a server password, select Use Password and type the same password in both fields. The password is required when a remote partner connects to this Server and password authentication is used. Valid passwords are string values consisting of one to eight characters. Partner Password Settings To use a partner password, select Use Password and type the password in the field provided. The password is required when this Server connects to a remote partner. Valid passwords are string values consisting of one to eight characters. Transfer Settings These options appear when you select Show Advanced Settings. Please note that when you have not selected the Show Advanced Settings checkbox, a different group of options is presented, as described here. Compression Enables horizontal online compression, vertical online compression, or both for transfers initiated by the SecureTransport Server. If the partner PeSIT server does not supports the selected compression, no compression is used for these transfers. SecureTransport support all types of compression for transfers initiated by the partner PeSIT server. Resync Allowed Enables dynamics resynchronization of exchanges during transfer, without interrupting the data exchange phase. Checkpoint Interval The maximum number of bytes in KB (equals 1024 bytes) that the sender may transmit between two consecutive checkpoints. Checkpoints are used to restart the transfer when required. A value of zero indicates no checkpoints. A value of 65535 indicates an undefined interval. Checkpoint Window The greatest difference allowed between the number of the last checkpoint transmitted and the number of the last checkpoint acknowledged. When this number of checkpoints are not acknowledged, the sender suspends data transmission until it receives a checkpoint acknowledgment. A value of zero indicates that no acknowledgments are required. Connection Timeout When SecureTransport acts as a client, the value of this field specifies the amount of time (in seconds) that SecureTransport will wait for an acknowledgment for a transfer. Default value: the value specified in the Pesit.Client.Inactivity.Timeout configuration option. Accepted values: positive integers. If specified, the Connection Timeout value overwrites the Pesit.Client.Inactivity.Timeout value. PeSIT Buffer size The size of the internal buffer for this transfer site in bytes. Valid values are 512 to 65535. A larger buffer improves performance. Specifies the maximum size of a PeSIT data element (PI 25). Should be greater than 800 bytes and less than 65535. User Message Send A string sent as PI 99 when the SecureTransport Server initiates a file transfer to the partner PeSIT server. The field may contain expressions. The tool tip lists valid expressions. If SecureTransport received the file using PeSIT, it retained the values of all the PeSIT PI codes as metadata and the PeSIT expression language variables contain those values. See also Expression Language, especially PeSIT variables. The string that results from the evaluation of the expression must be at most 512 characters long. User Message Receive A string included in messages sent when the SecureTransport Server initiates a file transfer from the partner PeSIT server. The field may contain expressions. The string that results from the evaluation of the expression must be at most 512 characters long. Store and Forward Mode Select the Store and Forward mode: START_NEW or PRESERVE. Note The Store and Forward mode selected here can be overwritten from the Send To Partner step settings. Originator In case of SecureTransport initiating a new Store and Forward transfer, this property specifies the originator (PI61) of the transfer. Note The originator specified in the PeSIT transfer site can be overwritten from the Advanced Routing Send To Partner step setting Originator. In case no value is specified in both this filed and the Advanced Routing Send To Partner step setting Originator, PI61 is blank. When the PRESERVE store and forward mode is selected, this field is disabled as PI preserves the PI61 value. Final Destination In case of SecureTransport initiating a new Store and Forward transfer, this property specifies the final destination (PI62) of the transfer. Note The final destination specified in the PeSIT transfer site can be overwritten from the Advanced Routing Send To Partner step setting Final Destination. In case no value is specified in both this field and the Advanced Routing Send To Partner step setting Final Destination, PI62 is blank. When the PRESERVE store and forward mode is selected, this field is disabled as PI preserves the PI62 value. Network Settings These options appear when you select Show Advanced Settings. Note The following settings: Use TLS/SSL onward are described here. Simultaneous transfers The maximum number of simultaneous transfers from this transfer site to remote PeSIT systems. A value of zero means no limit. Parallel TCP connections The number of TCP connections to make for parallel TCP (pTCP) to accelerate transfers. Parallel TCP package size The pTCP packet size in bytes. Socket Send / Receive Buffer Size The size of the pTCP buffers in bytes. Specifies the TCP Socket maximum send and receive buffer size in bytes. This setting corresponds to SO_SNDBUF and SO_RCVBUF socket parameters. pTCP connection retry count The number of attempts SecureTransport makes for each TCP connection for pTCP. When the value of the Host field is the address of load balancer for a remote PeSIT cluster, set this field to connections * (nodes - 1), where: connections is the value of the Parallel TCP Connections field nodes is the number of nodes in the remote PeSIT cluster SecureTransport reties the connections until all connections are with the same PeSIT remote server. It specifies the maximum times the SecureTransport will attempt to re-establish a connection with the remote server in case of "Unknown session" error. This is useful in cases where the remote partner is a PeSIT cluster, the address in the transfer site represents the load balancer in front of the PeSIT cluster and the individual nodes behind the Load Balancer are not accessible. In such environment, all connections have to arrive on the same partner node. Depending on the load balancing configuration different number of retries or no retries (sticky session LB configuration) might be required. Note The options displayed below pTCP connection retry count are described here. Advanced SSL Settings Scroll down to the bottom of the screen and click the Show Advanced SSL Settings to expand the screen with additional options. The following table provides brief description on the Advanced SSL Settings: Field Description Show Advanced SSL Settings Cipher suites The set of cipher suites available with the current PeSIT transfer site for secure SIT connection. By default this set is populated with the cipher suites as defined in the Pesit.SIT.Ciphers configuration option. To reset to default values, click the button next to the tooltip. Enabled SSL protocols The available SSL protocols for secure SIT connection with the current PeSIT transfer sites. By default this list is populated with the SSL protocols as defined in the Pesit.SIT.EnabledProtocols configuration option. To reset to default values, click the button next to the tooltip. The following sectiion provides how-to instructions for selecting a default PeSIT transfer site for routing: Select a default PeSIT transfer site for routing Select a default PeSIT transfer site for routing SecureTransport implements PeSIT routing as an intermediate partner by sending a received file to a PeSIT transfer site specified as the destination of the PeSIT transfer. SecureTransport matches the specified destination to the names of the transfer sites for the account that receives the file. If a transfer site name matches, SecureTransport transfers the file to that site. No subscription is required. If no transfer site name matches and a default PeSIT transfer site is defined, SecureTransport transfers the file to that site. If there is no default site, SecureTransport checks the Routing Mode value for the account. When set to Reject, the transfer is rejected before it starts. When set to Accept, the transfer is performed and the file is retained locally. If it is Ignore, a transfer that cannot be routed is ignored. When SecureTransport routes a transferred file to a final PeSIT destination, SecureTransport includes PI 61 and PI 62. Select Accounts > User Accounts. The User Accounts page is displayed. Click the name of the account for which you want to set the default transfer site. Click the Transfer Site tab. Select the check box next to the name of the PeSIT transfer site to make the default. Click Set PeSIT Default. The default is indicated in the transfer site list. Related topics: Transfer site properties AS2 transfer sites Connect:Direct transfer sites File services interface protocol transfer sites Folder Monitor transfer sites FTP(S) transfer sites Generic HTTP transfer sites HTTP(S) transfer sites SharePoint transfer sites SSH transfer sites System to Human transfer sites Manage transfer sites