on 2009 Jun 26 3:48 PM
We have been using the SAP Standard program, RSFTP002, to ftp files to remote servers for many years. We have now had a requirement to send via secure ftp. We are using R/3 4.6C. Unfortunatley this is not a straight forward change and it seems we may need to install some client software to enable this.
I have searched for any SAP notes and in several user groups but have not been too sucessful.
Has anyone ever set this up before? What client software did you use?
Any pointers / advice on this would be much appreciated.
Many thanks,
Steven
On Our Case it was so that we use Port 990 as already written.
But it was nevversary to set a Firewallfilter to allow communication in that port.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Further to my initial post, I have now discovered that there are additional options on the ftp command on iseries, so I am hoping if I can perform this manaully, then a CL called from SAP would allow me to resolve this challenge.
I am trying to use the command below but this will use the port 990.
FTP RMTSYS(INTNETADR) INTNETADR('*.*.*.*') PORT(SECURE) SECCNN(*SSL)
The vendor is requesting that we use port 443 for secure ftp with SSL and even specifying this in the command as below still does not work. It seems to me there may be an issue at the receiving end. Port 443 is normally used for https so not sure whether specifying this port could cause issues. The resultant error is below.
FTP RMTSYS(INTNETADR) INTNETADR('*.*.*.*') PORT(443) SECCNN(SSL)
Connecting to remote host 62.39.53.181 using port 443.
No response from remote host; all connections closed.
Any other comments would be welcomed.
Many thanks,
Steven
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Steven,
I would try port 21 (normal ftp control port).
Please note the "Firewall Incompatibilities" explained in wikipedia:
********
Because FTP utilizes a dynamic secondary port (for data channels), many firewalls were designed to snoop FTP protocol control messages in order to determine what secondary data connections they need to allow. However, if the FTP control connection is encrypted using TLS/SSL, the firewall cannot determine the TCP port number of a data connection negotiated between the client and FTP server.
Therefore, in many firewalled networks, an FTPS deployment will fail when an unencrypted FTP deployment will work, but this problem can be solved with the use of a limited range of ports for data and configuring the firewall to open these ports.
********
Best regards,
Victor
Hi Victor,
Thankyou for your reply. I tried with 21, but still not luck.
Unfortunately our vendors ISP is telling him that they can can only open SMTP, HTTP and HTTPS ports, and he must use ports 80 and 443 for FTP.
Seem like I need to force the issue to try and open up an addtional port as this seem very restrictive.
With regards,
Steven
Steven,
had a similar problem. Solved it with utilities ported to i5 (openssh and sftp).
Here is a description and guide- http://www-03.ibm.com/servers/enable/site/porting/tools/openssh.html
Requires that You install PASE and 5733-SC1
Kind regards,
Renato
Hi Steve,
Can you check the following note
Note 758667 - iSeries: Installing sapcrypto library for R/3
Thanks,
Sridhar
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
70 | |
10 | |
8 | |
8 | |
7 | |
7 | |
6 | |
6 | |
6 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.