• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6567
  • Last Modified:

AIX FTP configuration

How can I configure my AIX server to FTP to an external address
0
sgangenamoni
Asked:
sgangenamoni
1 Solution
 
woolmilkporcCommented:
Hi,
 
 would you like to have your AIX machine act as an FTP server or as an FTP client?
 
 Both features come with standard AIX.
 
 To use AIX as an FTP client you need to take care that the machine is allowed to access the external network, by configuring yor firewall and/or your proxy server, if any. Open ports 20 and 21 for the IP address of the AIX box, then issue the "ftp" command as usual.
 
 To have it run as an FTP server you must have the "ftpd" service activated.
 Check this with "lssrc -ls inetd". Look for "ftp".
 
 If it says "active" you're ready to go. Just take care that ports 20 and 21 of the machine are reachable from the external network, like above. Your external client should then be able to reach the FTP service on AIX.
 
 If "lssrc -ls inetd" doesn't show "ftp" you need to enable it.
 
 To do this issue "smitty startserver", select "ftp". Leave the next panel unchanged and hit <ENTER>.
 
 "lssrc -ls inetd" should now show "ftp" as active.
 
 Given your firewall settings are OK, AIX is now ready to be used as an FTP server.
 
 All AIX users except for those listed in /etc/ftpusers are allowed to use this server.
 
 Attention: No "chrooting" is done by default!
 
 Further configuration can be done by editing the file /etc/ftpaccess.ctl.
 "man ftpd" gives useful information on how to do this.
 
 wmp
 
 
 
 
 
 
 
 
0
 
sjm_eeCommented:
If you mean, "can I ftp to or from a machine outside your organisation from a machine inside you organisation, then check the following - as there is no specific AIX configuration required to enable ftp to access external addresses.

First thing is, can your AIX server "ping" the external address that you are interested in? For example, I can do the following from a machine in my organisation:

C:\Documents and Settings\Administrator>ping testcase.boulder.ibm.com

Pinging testcase.boulder.ibm.com [170.225.15.31] with 32 bytes of data:

Reply from 170.225.15.31: bytes=32 time=153ms TTL=238
Reply from 170.225.15.31: bytes=32 time=157ms TTL=238

Ping statistics for 170.225.15.31:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 153ms, Maximum = 157ms, Average = 155ms
Control-C
^C
C:\Documents and Settings\Administrator>

If you get get following then you need to check the DNS configuration of the machine:

21:25 $ ping does.not.exist
ping: host name does.not.exist NOT FOUND
21:25 $

The try the following (the IP address is correct at the time of writing):

ping 170.225.15.31

Once you can ping testcase, try using ftp to it:

C:\Documents and Settings\Administrator>ftp testcase.boulder.ibm.com
Connected to testcase.boulder.ibm.com.
220-IBM's internal systems must only be used for conducting IBM's
220-business or for purposes authorized by IBM management.
220-
220-Use is subject to audit at any time by IBM management.
220-
220-Before using this service for technical support purposes, refer
220-to the terms of use for Exchanging Diagnostic Data with IBM
220-(see http://www.ibm.com/de/support/ecurep/service.html).
220-
220 testcase-yellow secure FTP server ready.
User (testcase.boulder.ibm.com:(none)):

If "ping" works but "ftp" doesn't, then you need to talk to the network administrator's of your organisation to enable ftp in the desired direction.
0
 
sgangenamoniAuthor Commented:
My ping to the IP address is not working So I guess at this point I need to talk to my network guy to provide me the proxy to access the extenal network...
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now