CrushFTP can operate in a restricted environment where a front end DMZ server processes protocols and connections, and a secured internal server has access to the file system, database, or other protected resources.
1.) To start a DMZ instance waiting for its configuration from the internal server:
java -jar CrushFTP.jar -dmz 9000 #accept a connection from any IP on port 9000 to receive settings and run java -jar CrushFTP.jar -dmz 9000 192.168.1.10,10.0.1.5,192.168.1.11 #accept a connection from these IPs on port 9000 and runIf you specify acceptable IPs, and the IP isn't int he list, the connection is dropped, and a message logged.
2.) Now that the server is configured, you need to configure prefs for this server. Its usually easiest to start with your existing prefs on your internal server and adjust it later on.
So duplicate prefs.XML and call it "prefs_dmz1.XML". The "_dmz1" is part of a specific naming scheme. This server will be identified as "dmz1". So if you wanted another name such as 'extra' you would do "prefs_extra.XML".
3.) Now that the prefs are ready, lets configure the port in CrushFTP that will attach to the DMZ instance and handles things.
Add new attachment
List of attachments
Kind | Attachment Name | Size | Version | Date Modified | Author | Change note |
---|---|---|---|---|---|---|
png |
dmz_port.png | 54.9 kB | 2 | 09-Oct-2016 18:14 | Ben Spink | |
png |
dmz_publickey.png | 13.9 kB | 1 | 09-Oct-2016 18:14 | Ben Spink | |
png |
dmz_selector.png | 30.3 kB | 1 | 09-Oct-2016 18:14 | Ben Spink | |
png |
dmz_user.png | 57.6 kB | 3 | 09-Oct-2016 18:14 | Ben Spink |