Create the FTPES Server

Step 1	From the UDMG Admin UI navigation pane, select Local Servers. The Servers list displays.
Step 2	Click Add icon (). The Server Details displays. In the Server Name field, enter stonebranch-ftpes-01 In the Protocol field, select FTPES In the IP Address field, enter 0.0.0.0 In the Port field, enter 4100 In the Root Directory field, enter data In the Receive Directory field, enter ftpes-01/in In the Send Directory field, enter ftpes-01/out In the Temp Directory field, enter ftpes-01/tmp In the Member of Business Service, select one of the available Business Services. More business Services can be added after the rule is created. Additional FTPES protocol-related parameters can be set: Max client: maximum number of clients that are allowed at the same time on the server. Passive IP: the IP that the server returns to the client for establishing the passive connection. Port range: the lower and upper values for the port range of the passive connections. Allow remove file: allows users to remove files. Allow rename file: allows users to rename files. Mandatory Encryption: select to force explicit encryption, any client connection without encryption is refused. If this is not set, FTP connections are allowed.
Step 3	Click Save icon ().
Step 4	Click the Restart icon (). The changes are effective after a restart of the local server.
Step 5	Prepare the certificate and private key in PEM format. To generate a sample self-signed certificate with openssl > 1.1.1: $ openssl req -new -subj "/C=AR/ST=AR/L=AR/O=AR/OU=AR/CN=localhost" -newkey rsa:2048 -x509 -sha256 -days 365 -nodes -out ftpes-01.crt -keyout ftpes-01.key -addext 'subjectAltName = IP:0.0.0.0,DNS:localhost'
Step 6	Select the stonebranch-ftpes-01 server record from the Server list and click the Certificates / Keys tab.
Step 7	Click the Add icon ().
Step 8	The Certificate Details displays. In the Name field, enter stonebranch-ftpes-cert-01. In the Private Key field, paste the key in PEM format. In the Certificate field, paste the certificate in PEM format. Click Submit button.
Step 9	Click Save icon ().
Step 10	The certificate record appears in the list:
Step 11	To see more details about a specific server certificate, click the View icon (). Click the Private Key to show the key details: algorithm bits: size of the key, only for RSA key type the MD5 fingerprint the SHA256 fingerprint a clean authorized keyline, without any comment or host specification Click the Certificate option to show the certificate details: signatureAlgorithm algorithm bits version serial number subject issuer validity date notBefore validity date notAfter key usage code isCA flag The MD5 fingerprint The SHA1 fingerprint The SHA256 fingerprint The list of SAN addresses If the record was just created or updated, click the Refresh icon () to reload the details.
Step 12	Start the server by clicking on the Play () icon.
Step 13	Click on the UDMG Server Status button to show the list of running services. The new server stonebranch-ftpes-01 is listed and should appear with a green status. The green status indicates an FTPES server listening on the IP and port configured.
Step 14	The server status can be controlled with the following action buttons: Save: request to save the local server details Add: request to add a new local server Delete: request to delete the local server Disable: request to disable the local server Play: initiate the start/play of the local server Pause: request to pause/stop the local server Restart: request to stop and start the server
Step 15	Additional details can be attached to a local server. Description Primary Contact Name Primary Contact Email Primary Contact Phone Secondary Contact Name Secondary Contact Email Secondary Contact Phone Customized fields Go to the Details tab. Fill in the needed details. New fields can be added using the Plus button () at the bottom of the form. A custom field is comprised of a key and value pair. Press the Save icon ().

Associate an existing account to the FTPES Server

Step 1	From the UDMG Admin UI navigation pane, select Local Servers. The Local Servers list displays.
Step 2	Select the FTPES server stonebranch-ftpes-cert-01. See Tutorial - Creating a Shared Account for instructions on creating a new account for an FTPES server.
Step 3	Select the Accounts tab.
Step 4	Select the Pencil icon to add a existing shared account to the local FTPES server. Search for stonebranch-01 and add using the arrow. Click the Save changes button.
Step 5	The account is added to the list of accounts for this server.
Step 6	It's now possible to connect to the FTPES server with this account credentials. For example with FileZilla: FileZilla log 19:22:15 Status: Resolving address of ftpes.example.com 19:22:15 Status: Connecting to x.x.x.x:4200... 19:22:15 Status: Connection established, waiting for welcome message... 19:22:15 Response: 220 UDMG-FTP-2.0.0.0 19:22:15 Command: AUTH TLS 19:22:15 Response: 234 AUTH command ok. Expecting TLS Negotiation. 19:22:15 Status: Initializing TLS... 19:22:15 Status: Verifying certificate... 19:22:15 Status: TLS connection established. 19:22:15 Command: USER stonebranch-01 19:22:15 Response: 331 OK 19:22:15 Command: PASS ******** 19:22:16 Response: 230 Password ok, continue 19:22:16 Command: CLNT FileZilla 19:22:16 Response: 200 Good to know 19:22:16 Command: OPTS UTF8 ON 19:22:16 Response: 200 I'm in UTF8 only anyway 19:22:16 Command: PBSZ 0 19:22:16 Response: 200 Whatever 19:22:16 Command: PROT P 19:22:16 Response: 200 OK 19:22:16 Status: Logged in 19:22:16 Status: Retrieving directory listing... 19:22:16 Command: PWD 19:22:16 Response: 257 "/" is the current directory 19:22:16 Status: Directory listing of "/" successful

Tutorial - Creating and Manually Starting an FTPES Server

Create the FTPES Server

Associate an existing account to the FTPES Server