There are various connection preferences that may be used to define how users may connect to domain services you create. These preferences may be managed under the Connections and Services nodes.
General connection settings apply to all file transfer protocols including AS2, FTP/S, SFTP/SCP, HTTP/S, WebDAV and AFTP and may be set using the Connections node.
Figure 28
Max concurrent connections - The maximum number of concurrent connections allowed. Note: This value may not exceed the concurrent connection limit of your license type.
Max connections/IP - The maximum number of active connections from a single client IP address.
Max connections/user - The maximum number of active connections from a single user.
Max downloads/session - The maximum number of downloads per client session.
Max uploads/session - The maximum number of uploads allowed per client session.
Max file download size (MB) - The maximum file download size in MB.
Max file upload size (MB) - The maximum file upload size in MB.
Max uploads (MB) - Defines an upload quota for the domain that is reset every N days. If upload quota is exceeded no further uploads are allowed until upload quota is reset.
Max downloads (MB) - Defines a download quota for the domain that is reset every N days. If download quota is exceeded no further downloads are allowed until download quota is reset.
Max transfers (MB) - Defines a transfer quota for the domain that is reset every N days. If transfer quota is exceeded no further file transfers are allowed until transfer quota is reset. Transfers are the combined sum of uploads and downloads.
Max transfer rate - The maximum transfer rate for the entire domain. This limit applies to the aggregate of all connections for a given domain, regardless of protocol. This value can be set in KBps, MBps, or GBps.
Disable user after X invalid password attempts in Y min - Disables account for a certain period of time if too many login attempts fail within a certain period of time.
Disable IP after X invalid password attempts in Y min - Blocks IP from further access for a certain period of time if too many login attempts fails within a certain period of time.
Flag IP after X invalid password attempts in Y min - Flags IP for a certain period of time if too many login attempts fails within a certain period of time. Note, flagging an IP has no affect on the users ability to connect. This will result in an IP Flagged event being raised and is intended primarily for integrating with other applications such as JSCAPE MFT Gateway.
Disable IP after X concurrent connections for Y min - Disables an IP address for a certain period if it's deemed to be making too many concurrent connections, which might indicate a denial-of-service attack. In the event that an IP is blocked/disabled, an IP Blocked event will be raised AND all connections from the offending IP will be closed.
Flag IP after X concurrent connections for Y min - Flags an IP address for a certain period if it's deemed to be making too many concurrent connections. In the event that an IP is flagged, an IP Flagged event will be raised.
Close connection after - Closes a connection after a specified number of invalid authentication attempts is reached while performed over that connection.
FTP/S connection settings may be managed under the Services > FTP/S panel.
Figure 70
Connections
Banner - The banner to display to FTP clients.
Command channel timeout (min) - The time in minutes that a client may remain inactive on command channel before server forcefully disconnects client.
Data channel timeout (min) - The time in minutes that a client may remain inactive on data channel before server forcefully disconnects client.
Passive IP - The IP to use when responding to PASV client requests.
Passive port range - The port range on the server to use for servicing PASV client requests.
Data channel send buffer - The size of send buffer for data channel. Default is send buffer size for JVM.
Data channel receive buffer - The size of receive buffer for data channel. Default is the receive buffer size for JVM.
Enable TCP_NODELAY - When checked, this setting disables Nagle's algorithm
Default transfer mode - The default transfer mode to be used by server in the event that client does not specify transfer mode.
Allowed connections modes - The allowed connection modes for file transfers and directory listings.
Security
Require data channel encryption - If enabled client will be required to encrypt data channel when using FTPS (FTP over SSL) protocol.
Require client certificate for authentication - If enabled users authenticating using FTPS (FTP over SSL) will be required to authenticate using data encrypted with a private key that maps to a server installed client certificate.
Require client certificate for data channel - If enabled users requesting data transfer using FTPS (FTP over SSL) will be required to supply data encrypted with a private key that maps to a server installed client certificate.
Shutdown SSL for CCC command - If enabled client must properly shutdown SSL connectiosn for command channel when issuing CCC command.
Shutdown SSL for data connection - If enabled client must properly shutdown SSL data connections.
SSL/TLS Ciphers - The SSL/TLS ciphers to enable for FTPS (FTP over SSL) services.
Block bounce attack - If enabled, FTP/S services will only be allowed to make PORT requests to originating host.
Block PASV attack - If enabled users will only be allowed to connect to passive data ports that are initiated by same client on command channel.
SFTP/SCP connection settings may be managed under the Services > SFTP/SCP panel.
Figure 71
Software version - The SSH version banner displayed when connecting. Note, it is important that this not contain any spaces.
Startup banner - The banner to display to SFTP clients prior to displaying SSH version banner.
Authentication banner - The banner to display to SFTP clients prior to displaying authentication prompt.
Connection timeout - The time in minutes that client connection may remain inactive before server forcefully disconnects client.
Connection send buffer - The size of send buffer. Default is send buffer size for JVM.
Connection receive buffer - The size of receive buffer. Default is the receive buffer size for JVM.
Enable TCP_NODELAY - When checked, this setting disables Nagle's algorithm
Disable expanded longname format for SSH_FXP_REALPATH - May be required for some SFTP clients that cannot handle long paths in SSH_FXP_REALPATH packets.
Algorithms - Lists all algorithms and ciphers, their order of preference and whether they are enabled.
See also
Additional libraries needed for SFTP ciphers
AFTP connection settings may be managed under the Services > AFTP panel.
Figure 163
Connection channel timeout (min) - The time in minutes that client channel (TCP) connection may remain inactive before server forcefully disconnects client.
Data channel timeout (min) - The time in minutes that client data (UDP) connection may remain inactive before server forcefully disconnects client.
Max loss list size - The maximum number of lost blocks of data that may exist in memory for a client session.
Enable TCP_NODELAY - When checked, this setting disables Nagle's algorithm
SSL/TLS Ciphers - The SSL/TLS ciphers to enable for AFTP services.
OFTP connection settings may be managed under the Services > OFTP panel.
Figure 192
Connection timeout - Connection channel timeout (min) - The time in minutes that client channel (TCP) connection may remain inactive before server forcefully disconnects client.
Max data buffer size - The maximum data buffer size for OFTP connections.
Max credit - The maximum number of packets that client may send to server before receiving an acknowledgment from server that is it ready to receive more data.
[Overwrite | Generate unique] file when existing file found - The desired behavior if an existing file is found during an OFTP file upload
SSL/TLS Ciphers - The SSL/TLS ciphers to enable for OFTP services.
TFTP connection settings may be managed under the Services > TFTP panel.
Figure 193
Max retransmit attempts - The maximum number of times that sender may unsuccessfully send a message before failure.
Retransmit interval - The retransmission interval (seconds) between each message retransmission attempt.
Generate dir.txt file if missing - If checked client may request the file dir.txt to obtain a directory listing of available files.
Generate .md5 file if missing - If checked client may request any filename with a .md5 extension to obtain an MD5 hash of filename contents.
HTTP/S connection settings may be managed under the Services > HTTP/S panel.
Figure 89
Theme - The color theme used for the buttons, menus, tabs, and other GUI elements.
Logo - The logo displayed in upper left corner when using HTML user interface.
Show login info - If checked, the current username and domain is displayed in upper right.
Show search - If checked searches on indexed documents may be performed.
Show ASCII/Binary option - If checked, user has option of uploading files in both ASCII and binary modes. If unchecked only binary is allowed by default and user does not have ability to change this setting.
Show account link - If checked the My Account link is displayed in upper right allowing users to change their account contact information.
Resources... - The current language resource file. Language resource files are used for specifying alternative user interface labels based on client browser default language.
Connection timeout - The connection timeout for HTTP requests in minutes.
Logout URL - The URL to redirect user to upon clicking Logout link.
Enable auto-logout after - If checked, user will be automatically logged out after X minutes of inactivity with grace period of Y seconds.
Enable self-registration with user template - Enables new users to self-register. The properties of the newly created user account will depend on the template chosen from the drop-down list.
Enable web document viewer - If checked web document viewer is enabled.
Enable ad-hoc file transfers - If checked ad-hoc file transfers will be enabled for the domain.
Show buttons shortcuts - If checked, button shortcuts (e.g. F2, F5, F7) are displayed on buttons.
Forms... - Forms available during file upload when using HTML user interface.