FTP through ACE

Similar Messages

• Can't connect to FTP through FINDER   (other ftp clients work)

  I try to connect to my schools ftp icarus.engr.uconn.edu through finder's, Go -> Connect to Server
  but every time I try it tells me you have entered an invalid password or username. The thing is that I can connect to the ftp through any FTP client like filezilla or Cyberduck even the Terminal ftp program will connect, but not Finder. Finder tells me the password or username is invalid. ??

  Is it not prompting you? You can imbed your username or even your username + password in the URL.
  e.g.
  ftp://username@server
  or
  ftp://username:password@server
  There should be no issue connecting. BUT... the imbedded FTP in Finder only allows for downloads. You can't upload.
  You can upload via the command line FTP client, and of course a slew of 3rd party FTP clients (some of which you've already mentioned.)
  Message was edited by: Tim Campbell1
  Message was edited by: Tim Campbell1

• Carry out ftps through a CSS11501-SCA11000 ?

  Is it possible to carry out ftps through a CSS11501-SCA11000 ? If yes, please send me the details and a configuration example.
  rgds, Geert.

  Hi
  Can you check whether the following business function set were actviated
  Business Function LOG_EAM_CI_1
  Business function LOG_EAM_CI_2
  Regards
  thyagarajan

• Q: FTP through java?

  Hello,
  I am trying to do an FTP through java. Does anybody know how I can spawn an FTP process and send ftp commands to it from my java program?
  I am on a Solaris system BTW.
  Thankyou in advance...

  I see you haven't assigned any duke dollars to your question. Let me tell you how does the Duke Dollar system work. Observe the following example...
  I know the answer.
  My rates are as follows:
  zero duke dollars - vague hint
  one to five duke dollars - +definite answer
  six to ten duke dollars - +full file/package name
  ten to fiteen duke dollars - +URL information
  more than fifteen duke dollars - +full URL with download information
  Pick your choice and select the appropriate answer:
  0 - There are premade classes that allow you to use FTP in Java.
  1 - 5 IBM have created a package that will allow you to do things that you desire.
  6-10 You should be looking for the FTP Beans Suite by IBM It comprises of two beans - the FTPProtocol bean and the FTPUI bean, both are very useful, especially in your situation.
  11-15 You can find this suite at http://www.alphaworks.ibm.com
  16+ go here http://www.alphaworks.ibm.com/ab.nsf/bean/FTP to add file transfer functions to your applications... without writing a line of code.

• Delay in ping through ACE

  Hi,
  Topology:
  HOST1 <- ACE <- MSFC -> FWSM -> HOST2
  When I ping HOST1 from HOST2, I 'sometimes' experience delay in starting the ping. However, once the ping starts it continues without a problem. The issue is only while starting the ping i.e. its goes into a halt for 3,5,10, 15 seconds and then starts getting echo-responses.
  Now, HOST1 is on the Server Vlan of the ACE module. So it is bridged the client vlan which is defined on MSFC.
  Would you know of any reason why the start of the ping responds late. And this does not happen everytime.
  Could it be ARP related problem.
  Thanks.

  Since you are running redundant pair of ACE's in bridge mode, I would like
  you to check the following items
  1. Have you disabled BPDU guard & Loopgurad on cat
  You should have following configured on cat6k
  no spanning-tree portfast bpduguard default
  no spanning-tree loopguard default
  2. Are you allowing BPDUs to pass through ACE
  It can be done using an ethertype ACL to permit BPDUs and this
  ACL should be applied to both bridged vlan interfaces.
  acccess-list xyz ethertype permit bpdu
  To capture packets passing through ACE, you will need to do the following.
  Type 'monitor session 10 source interface port-channel 2xy both'
  Where 2xy is 256 + slot number of ACE.
  3. Type 'monitor session 10 destination interface fastEthernet a/b'
  Where a/b is a port that you plug your PC in on the cat
  4. Run Ethereal on your PC
  Syed Iftekhar Ahmed

• FTPS with ACE 4710

  Hi,
  I need to configure ACE for load-balancing FTPS. And simply deploying L4 policies are not helping either. Configured the FTPS servers and both of them are working fine when accessed via physical IP, but do not work when accessed via the VIP.
  if it is possible, a reference URL would really be a great help.

  Hi Rajiv,
  Do you want to loadbalance SFTP ?
  Or just have it pass through ??
  Loadbalancing SFTP is difficult because it starts as regular FTP and switches over to SSL which ACE can't do and fails to understand.
  you don't need anything to have it passthrough.
  As long as you don't ask ACE to inspect the traffic, and assuming this traffic is permitted in your access-group, then there is nothing to do to have it go through.
  I think your goal is to distribute inbound file deposits evenly across SFTP servers.
  High-level Overview
  Clients -> Internet -> Tier-1 Firewall -> ACE Load-balancer -> SFTP Servers
  I would like to tell you that SFTP is nothing but SSH. It uses a single connection. There are no issues loadbalancing it using traditional Layer 4 load balancing.
  So you are good.
  On the other hand FTP over SSL (FTPS) can neither offloaded nor loadbalanced using ACE.
  FTPS uses multiple channels and Since the control channel is encrypted, ACe is not able to get the port numbers for the data connections.
  Kindly find these examples for FTP load balance method in cisco ACE:
  1. FTP serverfarm on Cisco ACE
  http://snippets101.blogspot.com/2007/06/ftp-serverfarm-on-cisco-ace.html
  2. FTP Load Balancing on ACE in Routed Mode Configuration Example
  http://docwiki.cisco.com/wiki/FTP_Load_Balancing_on_ACE_in_Routed_Mode_Configuration_Example
  3. FTP Load Balancing on ACE in One-Arm Mode Configuration Example
  http://docwiki.cisco.com/wiki/FTP_Load_Balancing_on_ACE_in_One-Arm_Mode_Configuration_Example
  Kindly refer the folowing URL for Layer4 policies:
  http://cisco.com/en/US/products/hw/modules/ps2706/products_configuration_example09186a00809c3048.shtml
  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA3_1_0/configuration/slb/guide/classlb.html
  http://docwiki.cisco.com/wiki/Cisco_Application_Control_Engine_(ACE)_Module_Troubleshooting_Guide,_Release_A2(x)_--_Troubleshooting_Layer_4_Load_Balancing
  http://snippets101.blogspot.com/2008/08/cisco-ace-and-private-vlans-in-switch.html
  http://snippets101.blogspot.com/2008/08/asymmetric-server-normalization-on.html
  http://docwiki.cisco.com/wiki/Cisco_ACE_4700_Series_Appliance_Quick_Start_Guide,_Release_A3(1.0)_--_Configuring_Server_Load_Balancing
  http://www.cisco.com/en/US/docs/app_ntwk_services/data_center_app_services/ace_appliances/vA1_7_/configuration/security/guide/tcpipnrm.html#wpmkr1116809
  Hope it will help you furhter in configuring the ACE load balancing L4 policies.
  Kindly rate
  Sachin Garg

• FTP through proxy

  All,
  Is it possible to use the SAP XI FTP adapter through an internet proxy?  I don't find any configuration parameters to specify the ip-address and ftp-port.
  Kind regards, Guy Crets

  It seems impossible to specifiy the ip-address and port number of a proxy server.  Only the ip adress and port number of the ftp server can be specified.
  I want to connect with the FTP adapter to an FTP server somewhere on the Internet.  To go out of our network on to the Internet, I need to go through a proxy.
  Looking forward to your feedback/answers.
  Regards, Guy Crets

• SAP Query into FTP through ABAP

  Hi Experts,
  I have an SAP query which needs to be run on a daily basis (through a back ground job) and the data that is pulled has to be stored in a file in tab delimited format and the same should be extracted to an FTP site. Can you please suggest ways for this?
  Thanks,
  Shashank.

  Hi ,
  Thanks for our reply.
  I have pasted some example code into my additional field which I have created in SAP Query But im not sure how the loop bit works and how I can populate the additional fields that I have created , could you please explain this
  CALL FUNCTION 'HR_READ_INFOTYPE'
    EXPORTING
      pernr                 = '000000019'
      infty                 = '01'
      BEGDA                 = '18000101'
      ENDDA                 = '99991231'
    tables
      infty_tab             = p0008
    EXCEPTIONS
      INFTY_NOT_FOUND       = 1
      OTHERS                = 2
      LOOP AT p0008.
  NOT SURE WHAT TO PUT IN THIS SECTION *****
    ENDLOOP.
  I have created 3 additional Fields in the infoset Current FTE ,FTE1 FTE2 , and I want to loop through the records and populate the relevant Additional field with the employees FTE  (I only want to populate  where there is a change)
  Sample Data
  Begda              Endda             FTE        Salary
  1/1/2010         31/12/999       60%         19K          (Current  FTE)
  01/08/2009     31/12/2009     100%       27k           (FTE1)
  01/07/2008     31/7/2009         50%       17K          (FTE2)
  Thanks in anticipation
  DM

• FTPS through S160 webproxy ironport

  We are using S160 ironport for Web as well as FTP proxy. Now we would like to add FTPS port 990 to go through ironport. We could access the target files through filezilla without using the proxy, but cannot do it if we use the proxy.
  Could someone please advise what steps are needed for this to be achieved? Policy trace shows that no policy is matching this URL and 'URL Blocked'
  Regards
  saif

  Hi,
  You can try running the FTPS using the Socks proxy:
  Step 1:
  Configure a SOCKS service on the proxy (by default, this will listen on port 1080)
  Step 2:
  Configure the FileZilla '
  Generic Proxy' to communicate to the ProxySG using SOCKS on port 1080
  Step 3:
  Configure Filezilla to communicate to the FTP server using FTP over TLS
  Regards,
  Kush

• RT:Why I can't make an ftp through explorer?

  Dear members,
  Actually I have a problem with the browser to connect with the target.
  My system is a peer to peer PC desktop.
  I am able to deploy and run the application without troubles and also the data exchange via the measurement and automation explorer
  works fine.
  The problem is when I try to estabilish a connection via ftp or http to the target.
   I type the usual URL: ftp://160.40.10.20/NI_RT/SYSTEM/WWW/  where the IP address is the target address and ...page cannot be displayed.
  I'm sure the firewall is inactive and I set the pop-up and security at the minimal level.
  The Web configuration in the real time target properties is so set:
  TCP/IP  box checked
  In the computer acess list I wrote the IP addresses of the target and the host
  Webserver active checked
  Webserver Browser access  I wrote the Host  IP address
  User access   I placed the Host IP
  Someone has idea what I made wrong?
  Bye
  Principiant
  Solved!
  Go to Solution.

  Thanks for the suggestion but I solved the problem finally.
  The fact is that I use a Peer to Peer connection but the host or better IE on the host has been configured for a LAN connection. This means anytime it searches an address he wants to go through the Gateway and since the gateway is not connected....
  The solution is quite straightforward:
  Starting from the tool bar of IE  follow the path Tools>>Internet Options>>Connections>>LAN Settings>>Advanced..
  Then in the field Exceptions (address which do not need a proxy connection) write the target IP address or if more than one the trgets addresses separated from a semi colon and that' s it.
  So said it seems easy....
  Principiant  

• Idle Oracle DB connection through ACE dropped after 1 hour

  Hi folks,
  I'm looking for some ideas how to troubleshoot a problem we're having with an Oracle App.
  What we are finding is that when a request takes more than an hour for the Oracle DB to process the connection is being dropped.
  When wireshark is used at DB server interface we see nothing for an hour and then a single packet RST,ACK with the source identified as the App Server.
  We have an App server farm that is behind an ACE module that is in bridging mode. The DB server is on another VLAN so the path the traffic takes is from the App Svr through the ACE from the back to the frontside vlan, through the 6506's MSFC to be routed to the DB server.
  Path like this:
  Appserver|-->VL203-->|ACE|-->VL202-->|L3 Switch|-->VL200-->|DB Server
  If we move the App server to Vlan 202 in front of the ACE the process carries on to completion (after 75 mins).
  Is there anything in the ACE settings that could cause the connection to be dropped after an hour for traffic that should simply be being bridged through?
  Any suggestions as to where to look next would be appreciated.
  TIA
  Zac

  OK Gilles, I'll look at that in the morning. However, this is where it gets interesting.
  We have DB servers on two other VLANs routed by the same switch. The connections to those DB servers don't get cut off after an hour (In the connection path I outlined swap VLAN 200 for VLAN 50 or VLAN 205) One of them is even behind the ACE in a different server farm.
  Zac

• Connections through ACE module

  when a client makes a connection to a vip which is in the client side vlan, and the ace sends the load balanced request to the rserver, and the rserver replies  - does the rserver always get nat'd to the vip in the reply - if no nat is configured? Because if teh client sends a syn to the vip and receives a syn,ack from a different ip, it'll just send a reset correct?
  how about in this example using nat~? Does teh rserver's reply get patted to 172.19.192.26, then get nated again to the vip? Or do they go straight to the client?
  vlan 195 is teh client side
  vlan 719 is the server side
  access-list acl_NAT_VIP line 40 extended permit ip 172.19.254.0 255.255.254.0 172.19.192.0 255.255.252.0
  class-map match-any NAT_CLASS_VIP
    2 match access-list acl_NAT_VIP
  policy-map multi-match NAT_POLICY
    class NAT_CLASS_VIP
      nat dynamic 5 vlan 719
  interface vlan 195
    ip address 172.19.192.19 255.255.252.0
    alias 172.19.192.18 255.255.252.0
    peer ip address 172.19.192.20 255.255.252.0
    access-group input allowall
    access-group output allowall
    nat-pool 2 172.19.195.37 172.19.195.37 netmask 255.255.255.255 pat
    nat-pool 3 172.19.195.39 172.19.195.39 netmask 255.255.255.255 pat
    nat-pool 4 172.19.195.40 172.19.195.40 netmask 255.255.255.255 pat
    nat-pool 1 172.19.195.46 172.19.195.46 netmask 255.255.255.255 pat
    nat-pool 6 172.19.195.36 172.19.195.36 netmask 255.255.255.255 pat
    service-policy input LB_POLICY
    no shutdown
  interface vlan 719
    ip address 10.1.9.66 255.255.255.240
    alias 10.1.9.65 255.255.255.240
    peer ip address 10.1.9.67 255.255.255.240
    access-group input allowall
    access-group output allowall
    nat-pool 5 172.19.192.26 172.19.192.26 netmask 255.255.255.255 pat
    service-policy input LB_POLICY
    service-policy input NAT_POLICY
    no shutdown

  Bryan,
  As long as the server replies back to the ACE the client should only be commmunicating with the VIP address in either of your two examples.
  In your first example the flow will look like this.
  client > VIP after the ACE  client > rserver
  the reply would be
  rserver > client after the ACE VIP > rserver
  In your second example using client nat it will look like this
  Client > VIP   After ACE  Natpool > rserver.
  the reply would be
  rserver > Nat-pool  after ACE VIP > client.
  The ACE by default will always nat the vip to the server ip unless you use the command "transparent" under the serverfarm. When using this command we send the packet to the MAC address of the server leaving the destination IP of the VIP. The server would need to have the VIP address configured under the loopback interface.
  Regards
  Jim

• Application Slowness through ACE 4710

  We are struggling with an issue where a user can run a report directly from the server but not from ACE loadbalanced url.
  Report run via Individual Web server URL’s
  The report takes less than 20 minutes (average 15 minutes) to fetch and return the data. This is observed 9 out of 10 times.
  Report run via ACE Load Balanced URL
  The report keeps on running for more than 20 minutes and never completes. The front end keeps showing report is running.
  The data in general when tested directly by running queries against the database (bypassing the platform) completes in 15-18 minutes
  The network connectivity for each and every ports involved (Loadbalancer/Servers) have been throulgly checked.
  Please advise what is the best way to troubleshoot this issue.
  Thx
  Ahmad

  Hello Jorge,
    Here is my response below.
  What version are you using? Version A4(2.3a)
  Can you upload these outputs?
  # show service-policy int63 class-map appbo detail
  Status     : ACTIVE
  Description: -----------------------------------------
  Interface: vlan 1 62 63 155 409
    service-policy: int63
      class: appbo
       VIP Address:    Protocol:  Port:
       170.116.253.245 tcp        eq    80  
        loadbalance:
          L7 loadbalance policy: appbo-l7slb
          VIP ICMP Reply       : ENABLED-WHEN-PRIMARY-SF-UP
          VIP State: INSERVICE
          VIP DWS state: DWS_DISABLED
          Persistence Rebalance: DISABLED
          curr conns       : 0         , hit count        : 136348   
          dropped conns    : 21       
          conns per second    : 0        
          client pkt count : 4579400   , client byte count: 1054651106         
          server pkt count : 6006908   , server byte count: 7506886155         
          conn-rate-limit      : -         , drop-count : -        
          bandwidth-rate-limit : -         , drop-count : -        
          L7 Loadbalance policy : appbo-l7slb
            class/match : class-default
              LB action: :
                 sticky group: appbo
                    primary serverfarm: appbo
                      state:UP
                    backup serverfarm : -
              hit count        : 136348   
              dropped conns    : 12       
              compression      : off
        compression:
          bytes_in  : 0                          bytes_out : 0                  
          Compression ratio : 0.00%
                  Gzip: 0               Deflate: 0        
        compression errors:
          User-Agent  : 0               Accept-Encoding    : 0        
          Content size: 0               Content type       : 0        
          Not HTTP 1.1: 0               HTTP response error: 0        
          Others      : 0        
          Parameter-map(s):
            3600-seconds
  # show stats http
  +------------------------------------------+
  +-------------- HTTP statistics -----------+
  +------------------------------------------+
  LB parse result msgs sent : 455403292  , TCP data msgs sent       : 2434371041
  Inspect parse result msgs : 0          , SSL data msgs sent       : 1740205587
                        sent
  TCP fin msgs sent         : 40338385   , TCP rst msgs sent:       : 22697825 
  Bounced fin msgs sent     : 3083341    , Bounced rst msgs sent:   : 2062455  
  SSL fin msgs sent         : 53021042   , SSL rst msgs sent:       : 89469    
  Drain msgs sent           : 260995432  , Particles read           : 749867347
  Reuse msgs sent           : 0          , HTTP requests            : 413618855
  Reproxied requests        : 232446464  , Headers removed          : 0        
  Headers inserted          : 105893583  , HTTP redirects           : 1485493  
  HTTP chunks               : 144637122  , Pipelined requests       : 42911599 
  HTTP unproxy conns        : 305776225  , Pipeline flushes         : 942      
  Whitespace appends        : 720        , Second pass parsing      : 0        
  Response entries recycled : 42882784   , Analysis errors          : 0        
  Header insert errors      : 49         , Max parselen errors      : 35941    
  Static parse errors       : 261401     , Resource errors          : 0        
  Invalid path errors       : 0          , Bad HTTP version errors  : 117      
  Headers rewritten         : 49         , Header rewrite errors    : 0        
  SSL headers inserted      : 0          , SSL header insert errors : 0        
  SSL spoof headers deleted : 0         , Unproxy msgs sent         : 305776279
  HTTP passthrough stat     : 0        
  ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  Has this ever worked before? YES but the issue is Intermittent
  Why do you have a low timeout for your sticky configuration? NOT SURE. WILL HAVE TO CHECK WITH APP OWNERS IF WE CAN INCREASE THAT
  If you clear the cookies of the browser and turn off some of the servers to test only with one, do you have the same behavior? Will try to perform this test with app owners
  In your tests, are you trying to the same type of query to your database? I mean do you see the problem if you try to update/delete/select in the database? No Refresh is pretty quick.
  What are the servers? Oracle, SQL server, MS Access? ORAGLE 11G.
  Thanks for your help!

• FTP through JAVA

  Hi, I'm writing an application to transfer (get) some files from multiple solaris servers periodically for pot processing. I've used a socked connection at port 21 and successfully established a connection. The problem i'm havng is that each other command than PWD and CWD are being rejected with message "command not understood".
  I'm writing this app for windows platform. Can anybody please come up with suggestions as i'm badly stuck!
  Thanks\\
  Haroon Mughal

  HI everyone,
  You can use the com.sun package. There they have a FTPClient class.
  Alternatively you can connect to a ftp site using the URL class as below
  URL url = new URL("ftp://user:[email protected]/polo.zip");Connect to the site and get the inputstream and read the file using streams.
  If your ftp site uses normal url without the pass and username then simple use the Authenticator class to authenticate yourself in if you need authentication
  Let me know me know whether it works
  Richard West

• Cisco ACE Issue accessing SAP applications through ACE appliance

  Hi,
  I have website whose VIP resides on my ACE appliance. That site has many links on it which are SAP applications.
  For one link, when i click it first time, user is asked for authentication which is not  actually required and get blank page.
  When I click back (go to main site again) and again click the same link, it opens normally without any authentication prompt.
  Rest all links on the site have no issues and open normally.
  I had same issue with acceptance for same application and below parameter map resolved the issue
  parameter-map type http case_param
    case-insensitive
    persistence-rebalance
    set header-maxparse-length 65535
    set content-maxparse-length 65535
    length-exceed continue
  I tried using same parameter map with persistance rebalance disbaled but still it does not work.
  What could be the issue in this case?

  Hi,
  The SAP has front end server to which ACE is sending traffic dstined to particular VIP. front end server then communicates with backend server for all date related to all applications. When client is using different applications, url in browser remains the same. All applications are working fine except this single application.
  same setup is working fine with cisco CSS and even the accepatnce is working fine for same set of applications.
  I am getting bad tcp checksum messges in capture output.
  10.38.199.196 is client IP....10.36.64.40 is VIP and , 10.36.64.86 is nat ip  and 10.36.32.55 is front end server which is user interface to various applications