Configuring Perimeter Network Security

If you have installed the DMZ Gateway module, you must configure EFT Server's connection to DMZ Gateway. You can enable DMZ Gateway when you create the Site or enable it later in the EFT Server administration interface. In the Site Setup wizard for both standard and PCI DSS Sites, EFT Server displays the Perimeter Security configuration page that asks whether you will be using DMZ Gateway, and allows you to enter the DMZ Gateway IP address and port number. If Connect this site to EFT Server's DMZ Gateway is selected when you are creating a Site in the Site Setup wizard, EFT Server attempts to establish a socket connection to DMZ Gateway when you click Next.

If the socket connection fails, a message appears in which you are allowed to provide the DMZ Gateway information again or disable DMZ Gateway and continue without it. (You can attempt to configure it again later.)
If the socket connection is successful, EFT Server applies the settings and continues with Site setup.
If you attempt to connect DMZ Gateway Enterprise to EFT Server SMB, an error message will appear stating that you are using the wrong edition of DMZ Gateway.

To enable DMZ Gateway in EFT Server

In EFT Server, connect to EFT Server and click the Server tab.
Click the node of the Site you want to connect with the DMZ Gateway, then click the Gateway node.
In the right pane, the DMZ Gateway tab appears.
Select the Enable the DMZ Gateway as a proxy check box.
Specify the IP address and the port number of the DMZ Gateway to which you are connecting. The default port is 44500. The connection will be refused if the port is being used by another DMZ Gateway/Site or if the IP address is on the IP address ban list.)
In the Protocols area, select the check boxes for the protocols and the ports that DMZ Gateway will use. This is a separate configuration from the ports that EFT Server uses. For example, you could use port 21 for FTP traffic for EFT Server, but port 14421 for FTP traffic through the DMZ Gateway.
If you are using DMZ Gateway with a PASV mode IP address, click PASV settings. The Firewall/NAT Routing dialog box appears.
1. Select the Assign PASV mode IP address check box, then specify the IP address and port range.
2. Click OK.
Click Apply to save the changes on EFT Server.
Establish a new connection with EFT Server by stopping and restarting connected Sites.
1. In the left pane, click the Site node.
2. In the right pane, click the General tab.
3. Click Stop. The Site Status area displays "Stopped" with a red ball icon.
4. Click Start. The Site Status area displays "Running" with a green ball icon.

This online help file is for EFT Server version 6.3.x. For other versions of EFT Server, please refer to http://help.globalscape.com/help/index.html.

(If the Index and Contents are hidden, click Show Contents pane in the top left corner of this topic.)

If this help topic did not help you, search the Knowledgebase or pose your question in the GlobalSCAPE User Forum.

For the most up-to-date information, to view version history, updates, and activation instructions; or to download a PDF of this user guide, visit the Support Center at http://www.globalscape.com/support.

Leave compliments or complaints regarding the help in the User Forum. At a minimum, please provide the topic title and why you needed help.

For information about GlobalSCAPE, visit www.globalscape.com, subscribe to our Secure Info Exchange blog, or follow us on Twitter.

Last modified: 20-Dec-11 at 15:59:59