Active and Passive FTP
Hi
I want to setup an Passive FTP and an Active proxy service in Oracle Service Bus 10.3. What is the best way of doing this?
Regards
see support note 860423.1
Oracle Service Bus FTP transport is implemented to use passive mode in proxy services (inbound) and active mode in business services (outbound).
This behavior can be changed and OSB can be forced to use passive mode for both inbound and outbound FTP requests by applying a patch.
Similar Messages
-
Document Splitting - Active and Passive
Hi,
What is the difference between active and passive split?? Please explain with an example.
Regards
SatyaActive document splitting means document splitting basing on the Business Transaction/Transaction Variant assigned to the document type and the Item Category assigned to the GL account. System determines and does the splitting of each line item in the document, basing on the configuration you have done. You have control over active splitting.
Passive splitting is something that you do not have control over. System takes the document splitting characteristics from the original document that it is referencing, for example, a reversal document that always references to the original document that is being reversed. The configuration that you do does not affect passive splitting.
See the following example.
http://help.sap.com/erp2005_ehp_04/helpdata/EN/49/11da8b97244a19e10000000a42189b/content.htm -
ACE access-list and Passive FTP
Can servers sitting behind the ACE successfully ftp files if the following rules are in place?
access-list word line x extended permit tcp source destination eq 21
access-list word line y extended permit tcp source destination eq 20
With those lines I can establish an FTP session, but unable to transfer files.
With the following statement access-list word line x extended permit ip source destination, passive ftp works?
IS this because the ACE acl does not allow for stateful inspection of an FTP session?
Thank youYou are right lack of fixup/inspect is the reason for FTP connections to fail.
You need something in line with the following config
class-map match-all FTP-Traffic
2 match port tcp eq ftp
policy-map multi-match xyz
class FTP-Traffic
inspect ftp
Syed Iftekhar Ahmed -
MetaData Repository with an active and passive Infrastructure Server
Are there documentation or has architected where there are 2 infrastructure servers running with OID, SSO, etc, one being passive and the other active connecting to a single repository on a DB server?
As a side note, the 2 infra servers would be tied to a DNS so if one should fail, the other should show active.
What were your major hurdles in this implementation?
Have you had to failover to the passive instance of the Inf server?
Any insight is greatly appreciated, thanks in advance.You have more than one Oracle Release on the Server. hence more than one ORACLE_HOME.
Check which is your default ORACLE_HOME on the server and check which of the homes PERL5LIB environment variable is pointing from both command prompt and in Windows.
That could explain the funny bahaviour. If you change ORACLE_HOME, that could help. -
Balance Sheet Active and passive side set up
My client wants the balance sheet as per Indian Standard that Left side Liabilities and Right side Assets how to do that please suggest.
Regards.Hello Syed,
Thanks for the feedback. I am not quite familiar with the Indian financial report template, however by my testing, it's possible to list the Liability first in the report and then Assets following. The prerequisite is to set the Liability to Active Group because the system will list the Accounts in Active Group first and this will not affect the amount of relative account. Please test through the above steps to see if this is what you want.
Regards,
Xu Zhang
SAP Business One Forums Team -
Let's Revisit MacOS Server's Passive FTP Problem
Mac OS X Server's built-in FTP server can't be configured to determine which ports above 1024 will be used for Passive FTP connections. More often than not, this means that clients behind NAT routers (for a variety of complicated reasons) can't discover which of the "high ports" are being used in their passive connection. Furthermore the Mac OS X administrator would have to open every port above 1024 to anticipate connections, severly weakening the security of the system.
The effect for the user is that their FTP client can connect, but can't list the contents of a directory or upload/download anything.
Here's a primer on the difference between Active and Passive FTP:
http://slacksite.com/other/ftp.html
Apple introduced a "solution" to the problem by making this addition to the Network Services manual sometime around 10.3 server:
"See if the client is using FTP passive mode, and turn it off. Passive mode causes the FTP server to open a connection on a dynamically determined port to the client, which could conflict with port filters set up in IP filter service. "
This was a tacit admission that MacOS's various FTP daemons over the years have unchangeable, precompiled configurations. The typical workaround was choppy, but workable: replace Apple's built-in FTP daemon with a fully configurable one like ProFTPd or PureFTPd, configure a narrow range of ports for your own security, and configure your firewall to match.
We're on Tiger server now and that's still in the Network Services manual. Leopard or whatever is looming. Will Apple ship an FTP server that works out-of-the-box with its own firewall this time? Any new thoughts or solutions?I think you need to do a little more research on FTP. Most of the actual problems you describe are inherent in FTP and nothing to do with any kind of Apple-inhibited FTP server.
For example, you say:
> Mac OS X Server's built-in FTP server can't be configured to determine which ports above 1024 will be used for Passive FTP connections
Not true. You can choose whatever port range you like using the portrange directive in /etc/ftpd.conf
By default this directive isn't set so the entire port range is used. Feel free to change that.
>The effect for the user is that their FTP client can connect, but can't list the contents of a directory or upload/download anything.
This is an inherent flaw in FTP, suffered by every FTP server on the market. Nothing to do with Apple.
> This was a tacit admission that MacOS's various FTP daemons over the years have unchangeable, precompiled configurations
Again, incorrect. The suggestion was a workaround for the FTP protocol restriction, not for Apple's implementation. I've been dealing with the exact same issues for years on various Sun servers I've run.
Most of the problems you describe regarding FTP and firewalls won't be solved at all in any future OS update - from any vendor. FTP was never designed with firewalls and security in mind. The only solution is to fix the underlying protocol, or use something different altogether. -
OSB 11g - FTP Transport - Active or Passive connections?
Hi,
When we create a Proxy Service in OSB to use FTP transport, which type of connection OSB establishes with the server? Is it active FTP or passive FTP conecction?
Thanks,
Sanjay
Edited by: Sanjay Bharatiya on 20-Dec-2010 11:46 AMOSB uses passive mode for proxy services and active mode for business services. There is a patch available which will make both proxy and business services to use passive mode. If you need the patch please open a Service Request in MyOracle Support and mention the support Note (860423.1)
Passive mode is desired if you want to open the firewall ports, if any, from OSB server to FTP server only and not other way from FTP Server to OSB server. -
CSS and Extended Passive FTP problem.
Hi everyone.
I'm having a problem setting up a load balanced cluster of FTP servers behind a CSS 11506.
I can FTP into the cluster fine. I am redirected to one of the machines in a round robin fashion and can log in. The problem arises on mac's where typing in an ls command returns this:
ftp> ls
229 Entering Extended Passive Mode (|||32999|)
200 EPRT command successful
421 Service not available, remote server timed out. Connection closed
Now, if I type in the EPSV command and disable Extended Passive Mode prior to connecting to it, it works fine.
Also, connecting to any of the servers directly with epsv enabled works fine as well.
We have over 800k hits per month and telling everyone to disable epsv will be a problem. Is there a way to enable extended passive mode through the css?
Here is my config:
Group: ftpServers1 - Active (198.202.122.181 Not Redundant)
Session Redundancy: Disabled
Last Clearing of Stats Counters: 03/20/2007 14:28:25
Associated ACLs: NONE
Source Services:
DNS
Name: Hits: State: Load: Trans: Keepalive: Conn:
rem_ftp1 19857 Alive 44 6 FTP 0
rem_ftp2 38175 Alive 87 0 FTP 0
Destination Services:
NONE
Group Service Total Counters:
Hits/Frames/Bytes: 58032/58339/4277264
Connections Total/Current: 25/0
FTP Control Total/Current: 0/0
CSS11506# show rule pdb ftp-rule1
Name: ftp-rule1 Owner: pdb
State: Active Type: FTP
Balance: Round Robin Failover: N/A
Persistence: Enabled Param-Bypass: Disabled
Session Redundancy: Disabled
IP Redundancy: Not Redundant
L3: 198.202.122.181
L4: TCP/21
Url:
Redirect: ""
TCP RST client if service unreachable: Disabled
Rule Services & Weights:
1: rem_ftp1-Alive, S-1
2: rem_ftp2-Alive, S-1
Thanks
BokiEPSV is not supported.
The only workaround available to load balance passive ftp servers is to use "PASV" command instead of "EPSV" on clients.
Syed Iftekhar Ahmed -
Passive FTP and the Leopard firewall
Hi,
We have an staff upload server that uses the built-in Leopard firewall. It is fed by two proprietary applications, one of which uses passive ftp only. We are getting a small number of incidents where the passive upload is unsuccessful. Initial contact is made (visible in the logs and as a connection in the server admin gui) but the upload doesn't proceed. A user might try uploading several times without success. On other occasions, the same user from the same computer has no problems at all.
We have the ftp service enabled on port 20-21 and the FTP service PASV port range enabled 49152-65535.
If I add the uploading computers' ip number to an access group with no port restrictions on the firewall, the uploads are always successful.
With my very limited knowledge of ftp and firewalls, this suggest that the negotiated port for the data transfer is outside the default port range used by Apple. Is this likely? Are there any implications in changing the range?
Or am I totally confused and should I be looking elsewhere?
Thanks,
Ross GloverBy default, the FTP server doesn't restrict itself to any particular passive port range. To make it match what the firewall claims it should be, edit the file /Library/FTPServer/Configuration/ftpaccess and add the line:
passive ports 0.0.0.0/0 49152 65535
...then restart the FTP service and retest. -
Hi Folks,
I have a requirement to design and Build the sqlserver 2005 cluster across two data centers .Typically
the design would look like:
1) Create a 2 node sqlserver 2005 cluster active/active in production.
2) Create a 1 node active instance in DR.
Can you please explain how to Build the sqlserver 2005 active/active 2 node cluster in the production site.
on the other hand i am thinking of setting a log shipping to DR from the sqlserver instance in prod.
Thankshttp://www.mssqltips.com/sqlservertip/1554/sql-server-clustering-active-vs-passive/
Best Regards,Uri Dimant SQL Server MVP,
http://sqlblog.com/blogs/uri_dimant/
MS SQL optimization: MS SQL Development and Optimization
MS SQL Consulting:
Large scale of database and data cleansing
Remote DBA Services:
Improves MS SQL Database Performance
SQL Server Integration Services:
Business Intelligence -
Any way to set "active mode" for FTP, or to use sFTP instead?
I have a web host that does not support passive FTP mode. I need to either set the mode to be "active mode", or I need to use secure FTP (sFTP). Is there any support for either of these within Muse?
Hi
By default , Adobe Muse FTP option uses " Passive Mode" , I am afraid its not possible to switch to "Active Mode" or to switch to Secure FTP. Alternatively, you may export the site locally using " Export as HTML " and then you may use third party FTP client to upload the site to your third party hosting using Active or Secure FTP.
Let me know if you have any further query. -
Switch over from active to passive in the cluster
If online EMS Sun Server goes off line , the client looses the connectivity with EMS till the IP address of the other online server is updated in client PC.
When the servers switch over from active to passive in the cluster, we have to change the server IP settings at the client PC manually. Since both the active as well as the passive servers will be pinging, we are not in a position to identify the active/passive servers, so automatic server setting is not possible at the client.
How to find out the solution for which server is active when the swich over is happend.Hi Kristoffer,
remember to click on enable schedule when you schedule a package.
To know if a scheduled package is ok you can see first if present in the tblschedule of your appset and also if present in the windows task schedulerif with status "ready".
After you just have to check the view status if you found the package execution completed you're sure it's running. " version at the same time can cause issues also with different packages better to schedule with a sufficient delay to be sure that the first has ended, in your case 1 package is ok.
I would delete the 2 packages from bpc, checking also the windows scheduler to be sure that no packages are running and rebuild one from scratch setting repeat every 4 hours and checking "enable schedule".
Regards
Roberto -
Passive FTP Port Range -- Server 10.3.x Panther
I know that the port range for Passive FTP is >1024, but I want to define that to a smaller group of unused ports so that I can specify that those ports are open in the Firewall.
Can, how, and where do I define this port range??I just opened from 13658-65534 and this seems to be fine (although not been running very long). I took the view that opening a stack of ports was not really any worse than just opening a quarter as much. Arguably, it's no worse than just opening one.
However, we only use it from time to time and FTP services is off unless specifically required. If I was going to run it for serious use I think I would put it on a dedicated server and put it in a DMZ.
Reading up on FTP security is on my To-Do list...
-david
[EDIT] The server is also well locked down for SSH. -
I have a problem with my FTP server, or something. I have
created a site, set it up, where the files need to go etc., but
when I test my connection it times out and says to try toggling the
passive FTP mode. Where do I find this? I have looked everywhere
(or so I think).. any help is useful at this point.
Thanks
T.SanchezSite Definition > Advanced Tab > Remote Site
Likely that's not the problem, but give it a try....
Murray --- ICQ 71997575
Adobe Community Expert
(If you *MUST* email me, don't LAUGH when you do so!)
==================
http://www.projectseven.com/go
- DW FAQs, Tutorials & Resources
http://www.dwfaq.com - DW FAQs,
Tutorials & Resources
==================
"TSanchez012" <[email protected]> wrote in
message
news:fvfql1$r3l$[email protected]..
>I have a problem with my FTP server, or something. I have
created a site,
>set
> it up, where the files need to go etc., but when I test
my connection it
> times
> out and says to try toggling the passive FTP mode. Where
do I find this? I
> have
> looked everywhere (or so I think).. any help is useful
at this point.
>
> Thanks
> T.Sanchez
> -
SFTP and the FTP Log - DW MX2004
Can anyone tell me why DW MX2004's FTP Log just records blank
lines when using SFTP? Is there a way to change this and do later
versions do the same thing?
Thanks!Folks:
Problem solved.
It's clear that FTP and SFTP are fundamentally different protocols, but the DW protocol selection strongly implies similarity by offering SFTP as a minor option under the main selection of FTP. I think it would be much clearer if SFTP were offered as a major option -- and then there would be an opportunity for offering SFTP options, too.
Here's a way of distinguishing which of these two is active: Connecting to the target site using FTP results in a succession of text entries in the optionally viewable FTP log -- no surprise. I discovered that connecting to the same site with the same credentials and the addition of checking the "Use SFTP" option results in only line feeds --scrolling, but no visible text-- in the FTP log window. I guess that's a reasonable though a bit indirect way of informing users that the link is active and secure. (What does one do to diagnose problems with SFTP for hosting services that don't support FTP? I don't know there are such services but it should be the great majority of them.) Works in DW CS3 but I didn't check CS5.
Another option, untested but fairly obvious: It's fairly easy these days to control host s/w (personal) firewalls -- even for low-tech users. Establish and verify a link to your server using SFTP, then disable FTP; the link should fail. And vice-versa. This meets my specification of "simple" and should be available with no extra expense and little trouble.
Brief Editorial: From the recent reading I've done on FTP versus SFTP, it is clear that the time to discontinue all support for FTP is long past.
hen3ry
Maybe you are looking for
-
As soon as I try to log into gmail, instead of entering the service. It is trying to force me to download a page or file from gmail.
-
My scanner isn't a choice in File Import in PSE 8 for Mac
I just loaded PSE 8 in my new Macbook (Snow Leopard), but my Epson scanner doesn't appear in File>Import. I've followed all the instructions I can find including loading Rosetta and downloading the Twain drivers from the Epson site. Can anyone help?
-
Can we update mseg table through badi mb-migo_badi or not???
Hi Experts I had a requirement to add an additional tabstrip at the item level of MIGO transaction . I have implmeented the same using MB_MIGO_BADI . I have also added a field quantity on this tab. The problem now is i'm not able to update this field
-
So basically i want exactly what the title says.I have the stage and two symbols...each symbols contain their own elements.Symbol_1 has some static elements which will act as buttons and Symbol_2 has some images that are animated...at the beginning o
-
How to use the method calendar.getTimeInMillis() and setTimeInMillis(bb)
I have met some problems in writing my programme,I want to know what the time is after every 20 minutes so have written some codes as below ,but the compilar warned me that there are some errors in them ,and I don't know how to use them correctly ,ca