How to accept FTP and SFTP connections without opening the firewall

A common security policy, particularly among banks and other financial institutions, is to prohibit accepting any inbound connections from the Internet. Yet, many business processes require providing a way for customers and/or trading partners to drop off files, usually via FTP, FTPS, or SFTP.

Robo-FTP and Robo-FTP Server offer powerful automation features that make it possible to meet both sets of requirements.

This knowledge base article describes one simple method for setting up a "store and forward" system to automatically manage inbound file transfers.

Outside the Firewall (DMZ)

The first step is to set up Robo-FTP Server on a machine that is outside the firewall (in the DMZ) to accept inbound FTP, FTPS, and/or SFTP connections. You will set up a user account and home directory for each customer and/or trading partner. You will also set up one user account that has read/write permissions on all the other users' home directories.

Inside the Firewall

The second step is to set up Robo-FTP on a machine that is behind the firewall. Robo-FTP can then be configured to run a script as a service that establishes an outbound connection to Robo-FTP Server and monitors all the home directories. When Robo-FTP detects that a file has been uploaded to the server in the DMZ, it can pull that file back behind the firewall, remove the file from the server, and perform any other tasks (unzipping, decrypting, sending notifications, etc.).
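The pull side of this design, sketched in Python as an added example (it is not Robo-FTP script and does not come from the vendor): one polling pass that copies completed uploads inward and then deletes them from the DMZ server. The function name, the `last_sizes` bookkeeping and the one-directory-per-user layout are assumptions, and `sftp` is assumed to be a session object exposing `listdir_attr`, `get` and `remove` as `paramiko.SFTPClient` does.

```python
import os
import stat

def _safe(name):
    # Names arrive from the DMZ host, so treat them as untrusted input.
    return name not in ("", ".", "..") and "/" not in name and "\\" not in name

def pull_stable_files(sftp, remote_root, local_inbox, last_sizes):
    """Run one polling pass over every home directory under remote_root.

    sftp: an outbound session opened from the internal host (assumed to
    expose listdir_attr/get/remove like paramiko.SFTPClient).
    last_sizes: dict kept between passes, remote path -> size last seen.
    Returns the local paths of files pulled and deleted from the server.
    """
    pulled = []
    for home in sftp.listdir_attr(remote_root):
        if not stat.S_ISDIR(home.st_mode) or not _safe(home.filename):
            continue
        home_path = f"{remote_root}/{home.filename}"
        for entry in sftp.listdir_attr(home_path):
            if not stat.S_ISREG(entry.st_mode) or not _safe(entry.filename):
                continue
            remote_path = f"{home_path}/{entry.filename}"
            # An upload may still be in progress: only pull a file whose
            # size is unchanged since the previous pass.
            if last_sizes.get(remote_path) != entry.st_size:
                last_sizes[remote_path] = entry.st_size
                continue
            dest_dir = os.path.join(local_inbox, home.filename)
            os.makedirs(dest_dir, exist_ok=True)
            dest = os.path.join(dest_dir, entry.filename)
            sftp.get(remote_path, dest)
            # Delete from the DMZ only after the local copy is complete.
            if os.path.getsize(dest) == entry.st_size:
                sftp.remove(remote_path)
                last_sizes.pop(remote_path, None)
                pulled.append(dest)
    return pulled
```

Because the session is opened from the internal host, the firewall needs only an outbound rule to the DMZ server; the pulled files are still untrusted and should be scanned or validated before other internal systems consume them.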

Article last updated: 2021-11-29

Tags: DMZ, Firewall