JunosE 11.3.x System Basics Configuration Guide
Configuring the FTP Server
296
The maximum file size is 32 MB for file transfer. The release package for JunosE Release
6.1.0 and higher-numbered releases includes a split version of all release images that
exceed 32 MB. Each chunk is less than 32 MB. You can therefore use TFTP with JunosE
Release 6.1.0 and higher-numbered releases to transfer large software images. The
JunosE Software copies the split images and reassembles them to full size on the router.
The file system on the router does not contain any additional images as a result of this
operation.
To transfer files by the system's FTP server, you must configure the FTP server and ensure
that FTP client software is installed on the network host.
Although you can transfer any type of file by FTP to the E Series router, the principal aim
of this feature is to allow the transfer of system files to NVS. You can transfer files by
FTP to the user space. You can then install files from the user space onto the system
using the copy command. It is not possible to access the system files directly through
FTP operations.
FTP sessions on the E Series router use the vty lines. The E Series router divides its vty
resources between Telnet, SSH, and FTP services. Each FTP session requires one vty
line. The FTP service uses the authentication method configured for the vty lines.
Features
The system supports the following FTP features:
Compliance with RFC 959—File Transfer Protocol (FTP) (October 1985)
FTP passive mode
Efficient NVS organization
User authentication by RADIUS or password checking
FTP Passive Mode
Normally, when a client connects to an FTP server, the client establishes the control
channel with the server, and the server responds by opening a data channel to the client.
However, when the FTP client and server are on opposite sides of a firewall that prohibits
inbound FTP connections, the server cannot open a data channel to the client.
FTP passive mode overcomes this connection limitation. In passive mode, the client
opens a control channel to the server, tells the server it wants to operate in passive mode,
and opens the data channel to the server. This method of establishing the FTP connection
allows both the control channel and the data channel to pass through the firewall in the
allowed direction.
Configuring Authentication
Before you enable the FTP server, configure the authentication procedure for the vty
lines, as follows:
Configure host access lists.
1.
Copyright © 2010, Juniper Networks, Inc.