The following information is used in this example:
Proxy User name: pu3
Authorized User name: none
Authorized User password: none
Backend user name: BkEndUsrName
Backend FTP server name: BackendServer
SunScreenProxy server name: qa22-efs-hem1
Client machine name: tiny
Type the following to make sure the backend FTP Server is accessible:
ping -s BackendServer |
Add an entry in the /etc/hosts file, if it is accessible.For example:
1.2.3.4 BackendServer |
Create a new Service for the FTP proxy service:
Log in to the administration GUI.
On the Policies List page, select the policy and click the Edit... button.
The Policy Rules page appears.
In the Common Objects section, select Service from the Type choice list.
Click New Single... from the Add New choice list.
The Service dialog window appears.
Type the name for this new service in the Name field, for example:
proxy-ftp |
Click the Add Filter button and select ftp.
Click the field under Port, and type 21.
Click the OK button.
There is no need to create an Authorized User.
Create the Proxy User:
In the Common Objects section, select Proxy User from the Type choice list.
Select New Single... from the Add New choice list.
The Proxy User dialog window appears.
Type a name for this Proxy User in the Name field, for example:
pu3 |
Click the User Enabled check-box.
Leave the Authorized User Name field empty.
Type a name in the Backend User Name field, for example:
BkEndUsrName |
Click the OK button.
Create a Policy Rule:
Save the changes:
From the Client Machine:
Make sure the physical connections are good.
Make sure the client machine can access SunScreen Proxy Server:
ping -s qa22-efs-hme1 |
Test the FTP proxy service:
Command issued: ftp qa22-efs-hme1
Username: pu3@BackendServer
Password: put_anything@BkEndUsrName"s password OR: <none>@BkEndUsrName"s password For example, zzz@cherrycoke (Password is not seen because it is echo suppressed.)
tiny# ftp qa22-efs-hme1 Connected to qa22-efs-hme1. 220- Proxy: SunScreen FTP Proxy Version 3.0 : Username to be given as <proxy-user>'@'<FTP-server-host> : Password to be given as <proxy-password>'@'<FTP-server-password> 220 Ready. Name (qa22-efs-hme1:root): pu3@BackendServer 331- Proxy: Authenticate & connect: 331 Password needed to authenticate 'pu3'. Password: <zzz@cherrycoke> OR Password: <@cherrycoke> 230- Proxy: : Authentication mapped 'pu3' to backend user 'BkEndUsrName'. : Connecting to BackendServer (1.2.3.4) - done. Server: 220 BackendServer FTP server (SunOS 5.6) ready. Proxy: Login on server as 'BkEndUsrName'. Server: 331 Password required for BkEndUsrName. Proxy: Supplying password to server. 230 Server: User BkEndUsrName logged in. ftp> ls |