FUJITSU Cloud Service S5 Setup and Configuration of the FTP Service under Windows 2008/2012 Server This guide details steps required to install and configure a basic FTP server on a Windows 2008/2012 VM Assumptions User Account, Certificate and connectivity to the platform No current Active Directory (AD) configured Familiarity with the platform portal basic configuration and administration tasks Familiarity with the platform portal System Manager and Design Studio Username and password FTP authentication is required. Anonymous and more advanced levels of authentication are out of scope of this guide A Windows 2008/2012 VM has been deployed in the DMZ network, a Global IP Address has been allocated and the VM has been configured to use the platform DNS Service. Firewall Configuration for the FTP service 1. Enable the Global IP Address, configure the DNAT/SNAPT settings in relation to the FTP VM and note the Public IP Address, e.g. 62.60.19.79 2. Create a FW rule to allow the incoming FTP connection on port 21 from the Internet to the Public IP address of the FTP VM in the DMZ network. Note the firewall automatically allows data communication on port 20 for the IP address initiating communication on port 21. Installing FTP Server on Windows Server 2008 1. Select Start Administrative Tools Server Manager 2. Select Roles Add Roles Next 3. Select Web Server (IIS) Next Next Next Install Close Date: 08/08/2016 Page 1 of 6
4. Highlight Roles Web Server (IIS Add Role Services (right pane) 5. Check the FTP Server box and click Next Install Close to complete the installation of the FTP service 6. Close Server Manager Configuring FTP on Windows Server 2008 for Named User Access The first step is to create a local FTP user account. To do this: 1. Select Start, right click on Computer and select Manage. 2. In Server Manager, expand Configuration Local Users and Groups Users. 3. Right click and select New User entering the following details (including a password of your choice), then click Create, and then Close. Date: 08/08/2016 Page 2 of 6
4. This account will require the appropriate permission to the destination FTP folder E.g. Read, Write, Change etc. In the case of this example, the following folder C:\inetpub\ftproot; will be used. Within Explorer, right click on the Folder, select Properties Security Tab Edit. Click Add Enter Username and Click Ok. Tick the required permissions and click Ok, then Ok. 5. Select Start Administrative Tools Internet Information Services( IIS) Manager 6. Right click on the Web Server name and select Switch to Content View 7. Select Add FTP Site (Right pane) 8. Enter a name for the FTP Site and specify the Physical Patch to the Content Directory, and click Next : Date: 08/08/2016 Page 3 of 6
9. Select the servers internal IP address from the dropdown box, select No SSL radio button and click Next: 10. Enter the Authentication and Authorization details, tick the Basic box, specifying the account created previously and permissions as appropriate and click Finish : 1 The FTP Service and Test User creation is now complete for the system and ready to test from FTP client. Windows 2012 The same process applies to Windows 2012, although some of the steps differ due to changes to the Windows 2012 User Interface. See below for information: Installing FTP Server on Windows Server 2012 1. Select Server Manager 2. Select Add Roles and Features Next Next Next 3. On Server Roles screen check the box for Web Server (IIS) Add Features Next 4. Click Next on Features menu, and Next again on Web Server Role (IIS) screen 5. On Role Services screen scroll down and check FTP Server and click Next Install Close to complete the installation. 6. Close Server Manager Date: 08/08/2016 Page 4 of 6
Configuring FTP on Windows Server 2012 for Named User Access The first step is to create a local FTP user account. To do this: 1. Select the Start menu and start to type Computer Management, selecting Computer Management icon when it appears. 2. In Computer Management, expand System Tools Local Users and Groups Users. 3. Right click and select New User entering the following details (including a password of your choice), then click Create, and then Close. 4. This account will require the appropriate permission to the destination FTP folder E.g. Read, Write, Change etc. In the case of this example, the following folder C:\inetpub\ftproot; will be used. Within Explorer, right click on this Folder, select Properties Security Tab Edit. Click Add Enter Username and Click Ok. Tick the required permissions and click Ok, then Ok 5. Select Start Administrative Tools Internet Information Services( IIS) Manager 6. Right click on the Web Server name and select Switch to Content View 7. Right click again, this time selecting Add FTP Site 8. Enter a name for the FTP Site and specify the Physical Path to the Content Directory e.g C:\inetpub\ftproot, and click Next 9. Select the server s internal IP address from the dropdown box, then select the No SSL radio button and click Next 10. Enter the Authentication and Authorization details, tick the Basic box, specifying the account created previously and permissions as appropriate and click Finish The FTP Service and Test User creation is now complete for the system and ready to test from a FTP client. Date: 08/08/2016 Page 5 of 6
Contact FUJITSU Cloud Service S5 Team FUJITSU E-mail: GlobalCloud@uk.fujitsu.com Website: uk.fujitsu.com All rights reserved, including intellectual property rights. Technical data subject to modifications and delivery subject to availability. Any liability that the data and illustrations are complete, actual or correct is excluded. Designations may be trademarks and/ or copyrights of the respective manufacturer, the use of which by third parties for their own purposes may infringe the rights of such owner. Copyright Fujitsu Services Limited 2016 Date: 08/08/2016 Page 6 of 6