The Ftp proxy supports inband authentication as well to use the built-in authentication method of the FTP and FTPS protocols to authenticate the client. The authentication itself is performed by the ASbackend configured for the service.
If the client uses different usernames on AS and the remote server (e.g., he uses his own username to authenticate to AS, but anonymous on the target FTP server), the client must specify the usernames and passwords in the following format:
Username:
<ftp user>@<proxy user>@<remote site>[:<port>]
Password:
<ftp password>@<proxy password>
Alternatively, all the above information can be specified as the username:
<ftp user>@<proxy user>@<remote site>[:<port>]:<ftp password>@<proxy password>
| Warning |
|---|
|
When using inband routing with the FTPS protocol, the server's certificate is compared to its hostname. The subject_alt_name parameter (or the Common Name parameter if the subject_alt_name parameter is empty) of the server's certificate must contain the hostname or the IP address (as resolved from the PNS host) of the server (e.g., Alternatively, the Common Name or the Note that if the Common Name of the certificate contains a generic hostname, do not specify a specific hostname or an IP address in the |
© 2021 BalaSys IT Security.
Send your comments to support@balasys.hu
