Trading Networks 10.3 | Administering and Monitoring B2B Transactions | Managing File Transfers with ActiveTransfer | Administering ActiveTransfer with Command Central | Managing Listeners | Advanced Functionalities for Listeners
 
Advanced Functionalities for Listeners
This topic describes additional functionalities you can use to configure advanced settings for listeners in ActiveTransfer:
Access
You can configure access settings for a listener that uses FTP protocol for an ActiveTransfer Server or an ActiveTransfer Gateway instance. An ActiveTransfer Server or an ActiveTransfer Gateway instance can work in the following FTP modes:
*In passive FTP mode, the client initiates a connection to the server specified from the range of port numbers for such a data connection. This is the default mode. This mode is used when it is not possible to create an outgoing connection to a client machine. For example, when a firewall imposes restrictions on connections.
*In active FTP mode, the server creates an outgoing connection through the specified listener to the client machine for data transfer as specified in the FTP commands issued by the client.
Note:
Ensure that you provide access for the listener in your firewall settings. Otherwise, connections between the client machine and ActiveTransfer Server might be blocked.
Encryption
You can set encryption methods for ActiveTransfer Server or ActiveTransfer Gateway listeners that use FTP protocol.
ActiveTransfer supports Transport Layer Security (TLSv1) and Secure Sockets Layer (SSLv3) cryptographic protocols that provide internet communication security. FTP protocol uses two types of client security methods:
*Explicit.: Connections between an FTPS-aware server and the clients remain secure even if the clients are not FTPS-aware.
*Implicit.: SSL authentication is used for all clients that connect with the FTPS server for each session. This method is not compatible with clients that are not FTPS-aware.
SSH Server Host Keys
ActiveTransfer supports both RSA and DSA encryptions.
Note:
When you create a default SFTP listener in an ActiveTransfer Server or ActiveTransfer Gateway instance, the default RSA and DSA keys are used for login. The default RSA and DSA keys are adequate for demo or testing purposes. However, in production environments, we recommend that you replace these default keys with your own RSA and DSA keys.
SSH Supported Ciphers
Ciphers are algorithms that are used to encrypt or decrypt data. In ActiveTransfer, you can set the supported ciphers for SSH. The ciphers, aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr, and arcfour256 require strong Java security policy certificates. You need to set the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JDK/JRE in order to use these ciphers. Java comes with a default maximum key strength of 128 bytes.
SSH Connection Settings
SSH connection settings include the following:
*Default character encoding that controls how ASCII characters are encoded when sent to a client.
*Use of asynchronous threading to enable tasks to run in parallel. Asynchronous threading is useful to transfer a file to multiple external locations concurrently instead of sequentially.
*Number of seconds to wait before disconnecting an idle connection.
*Handshake options to use when establishing a secure connection with a partner.