No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CloudEC V600R019C00 Security Maintenance (Enterprise On-premises, Only Conference)

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the FTPS Server

Configuring the FTPS Server

Prerequisites

A server certificate and private key file that are issued by a CA in the industry are available, and ensure that the server certificate and private key will not be obtained by unauthorized personnel.

NOTE:

VP9600 series MCUs communicate with the FTP server through File Transfer Protocol over SSL (FTPS). It is recommended that you apply for and import the FTPS security certificate.

Background

The FTPS is an extension of the commonly used File Transfer Protocol (FTP) to support the Secure Socket Layer (SSL). When an FTPS server is installed and configured properly, you can use the FTPS server to upgrade the VP9600 series MCU and import and export files.

This section uses the FileZilla server as an example to describe how to configure an FTPS server.

FTP Server Settings

  1. Set the IP address of the computer where the FTP server is deployed and the IP address of the VP9600 series MCU to be in the same network segment.
  2. Install the FTPS server on the computer (use the FileZilla_Server-0_9_43.exe as an example).
  3. Double-click to start the FTPS server.

    The dialog box shown in Figure 6-8 is displayed.

    Figure 6-8 Connect to Server dialog box

  4. Keep the default values, and click OK.
  5. Choose Edit > Settings.
  6. In the dialog box that is displayed, click SSL/TLS settings in the left pane and select Enable FTP over SSL/TLS support (FTPS).
  7. Click Browse to import the private key and certificate file, respectively.

    NOTE:
    • After importing the certificate, skip 8 and 9 and perform 10.
    • If lower security requirements are required and no FTPS certificate is available, skip this step and perform 8 through 10.

  8. (Optional) Click Generate new certificate.

    The dialog box shown in Figure 6-9 is displayed.

    Figure 6-9 Generating a certificate

  9. (Optional) In 2–Digit country code, enter the 2-digit country code. Click Browse to set the path for storing the certificate, and click Generate certificate.

    The FileZilla Server Options dialog box is displayed, and the certificate file and private key file have been imported.

  10. Click OK.

    The main page is displayed.

  11. Choose Edit > Users.

    The Users dialog box is displayed, as shown in Figure 6-10.

    Figure 6-10 Users

  12. Click Add to create a user name, for example, MCU, select Enable account and Password, and set the password to mcu.
  13. In the Users dialog box, choose Shared folders > Add, specify the save path for the upgrade software, and select Read, Write, Delete, and List, as shown in Figure 6-11.

    Figure 6-11 Specifying the save path for the upgrade software

    The upgrade software must be stored in a home directory; otherwise, the installation will fail. In Figure 6-11, H is displayed next to the upgrade software storage directory, which indicates that the directory is a home directory. If the directory is not a home directory, click Set as home dir to set it as a home directory.

  14. Click OK.

MCU Settings

  1. Log in to the MCU from PuTTY.
  2. At the <HUAWEI VP9650> prompt, enter system-view ftp-server and press Enter.
  3. At the ftp server ip addr[192.168.1.200]: prompt, enter the IP address of the FTP server and press Enter.
  4. At the user name{max len:32}[y]: prompt, enter the user name, for example, mcu, and press Enter.
  5. At the user password{string, max len:32}[******]: prompt, enter the password, for example, mcu, and press Enter.
  6. At the <HUAWEI VP9650> prompt, enter system-view ftp-enable-tls-check and press Enter.
  7. At the ftp enable tls check{0: disable; 1:enable}[1]: prompt, enter 1 and press Enter.

    NOTE:

    It is recommended that you enable TLS verification to ensure communication security. After enabling TLS verification, import the FTPS certificate. For details about how to import the certificate, see Replacing the VP9600 Series MCU Security Certificate(V500R002C10).

    If lower security requirements are required and no FTPS certificate is available, set this parameter to 0.

  8. At the <HUAWEI VP9650> prompt, enter save and press Enter.

    The following information is displayed:

    are you sure to save config?(y/n)

  9. Enter y and press Enter.
Translation
Download
Updated: 2019-08-07

Document ID: EDOC1100059091

Views: 17869

Downloads: 10

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next