Setting up Apache FTP Server on DMZ Server and Internal Application Server

[BR...@denso-diam.com]

Hello all,

After a lot of testing, I was able to figure out the previous questions I
had ( upload/download rate is in bytes per second, concurrent login
permissions is per user account/login).

I am setting up the FTP server to get file information from a database
according to user account, but stream data from an IBM IFS filesystem, and
all of that is working beautifully on my test server now.  I used the code
provided by Brett M. Bergquist (discussed in thread:
http://www.mail-archive.com/ftpserver-users@mina.apache.org/msg01185.html)
Thanks A TON Brett, you saved me untold amounts of work.

I even managed to control/close all of the data and database connections to
IFS and the Database (which are on the same server, but separate from the
server used for Apache FTP Server), so that the number of established
sockets remains the same after several logins/downloads/disconnects.  I can
provide this code if anyone else is interested.

What I need to do next is set up the production environment that this FTP
server will operate in.  There is an outward facing server in the DMZ which
users will connect to, but the database access and processing needs to be
done on the application server, behind the firewall.  Only the application
server can connect to the database and IFS.

Does anyone have any ideas on how to set this up with Apache FTP server?
Some type of FTP front-end to handle the connections, and then pass all the
commands to the application server, and receive all the responses and
filestreams, etc.

Thanks again for all of your help (and the mail archive), many of the
answers to the questions I had were found there.

-Brad


The information contained in and transmitted with this Email may be privileged, proprietary, confidential and protected from disclosure. No privilege is hereby intended to be waived. This Email is intended only for the person to whom it is addressed. If you are not the intended recipient/addressee, any use of the Email and/or its contents, including, but not limited to, dissemination, distribution or copying is strictly prohibited and may be unlawful, and you must not take any action in reliance on it. If you receive this Email in error, please immediately notify the sender and delete the original message and any copies of it from your computer system. We deny any liability for damages resulting from the use of this Email by the unintended recipient, including the recipient in error. 

Re: Setting up Apache FTP Server on DMZ Server and Internal Application Server

[Niklas Gustavsson <ni...@protocol7.com>]

On Tue, Nov 30, 2010 at 6:54 PM,  <BR...@denso-diam.com> wrote:
> I even managed to control/close all of the data and database connections to
> IFS and the Database (which are on the same server, but separate from the
> server used for Apache FTP Server), so that the number of established
> sockets remains the same after several logins/downloads/disconnects.  I can
> provide this code if anyone else is interested.

Is this using JTOpen?

> What I need to do next is set up the production environment that this FTP
> server will operate in.  There is an outward facing server in the DMZ which
> users will connect to, but the database access and processing needs to be
> done on the application server, behind the firewall.  Only the application
> server can connect to the database and IFS.
>
> Does anyone have any ideas on how to set this up with Apache FTP server?
> Some type of FTP front-end to handle the connections, and then pass all the
> commands to the application server, and receive all the responses and
> filestreams, etc.

FTP is somewhat hard to proxy due to the complexity with the data
connections. There are dedicated FTP proxy products but I do not have
any experience myself. I know that there has been some discussions
here on similar topics, so there might be others with more experience.

As for FtpServer, we support configuring a external IP for passive
data connections which should help.

/niklas