Configuring basic parameters
Step
1.
Enter system view.
2.
Enable the FTP server.
3.
(Optional.) Use an ACL to
control access to the FTP
server.
4.
(Optional.) Configure the
idle-timeout interval.
Configuring authentication and authorization
Perform this task on the FTP server to authenticate FTP clients and set the authorized directories that
authenticated clients can access.
The following authentication modes are available:
Local authentication—The device looks up the client's username and password in the local user
•
account database. If a match is found, authentication succeeds.
•
Remote authentication—The device sends the client's username and password to a remote
authentication server for authentication. The user account is configured on the remote
authentication server rather than the device.
The following authorization modes are available:
•
Local authorization—The device assigns authorized directories to FTP clients based on the locally
configured authorization attributes.
Remote authorization—A remote authorization server assigns authorized directories on the device
•
to FTP clients.
For information about configuring authentication and authorization, see Security Configuration Guide.
Manually releasing FTP connections
Task
Manually release FTP connections.
Command
system-view
ftp server enable
ftp server acl { acl-number |
ipv6 acl-number6 }
ftp timeout minutes
Command
•
Release the FTP connection established using a specific user
account:
free ftp user username
•
Release the FTP connection to a specific IP address:
free ftp user-ip [ ipv6 ] client-address [ port port-num ]
64
Remarks
N/A
By default, the FTP server is disabled.
By default, no ACL is used for access
control.
The default idle-timeout interval is 30
minutes.
If no data is transferred between the
FTP server and FTP client within the
idle-timeout interval, the connection is
terminated.