SFTP connections and Mirroring / Virtual IP Addresses
Morning everyone,
I would appreciate some advice please- hopefully there is plenty of experts out there.
We are setting up an sFTP share between hospital trusts here in the UK and I have set the outbound operation up using a custom extension of EnsLib.HL7.Operation.FTPOperation.
We are configuring a VPN tunnel to run between the sites also so there is a bit of firewall / network routing to take place to enable the connection but to add in a complication we are on a mirrored cluster and usually present on a Virtual IP address.
Could somebody confirm for me please whether specifically for ftp connections we would present to the sFTP server via the virtual IP or via the server IP itself? it looks like the latter.
Also - i do not see "Local Interface" as a setting option in the FTP Outbound operations where when using VPN tunnels we usually have to complete this so that a standard TCP connection presents itself on the Virtual IP.
Apologies if a bit long winded - hopefully you are able to get the gist of what i am saying.
Thanks in advance.
Warren
Hi Warren,
We also have a similar situation, this not limited to FTP adapter, it is there on Email and SQL adapter as well, where you don't get an option on the config to choose the local interface (VIP in this).
I think the short term solution we have been suggested from Intersystems is to allow both your mirror member IP addresses through the firewall, yet to test it though how it will play out with NAT.
Probably, Intersystems will come up with a solution maybe in next couple of months to support this configuration of local interface natively on the adapter classes.
Thanks,
Deepak Ghansala
Hi Deepak,
Thanks for your response - i figured that would probably be the case. We are working with networks to add the two mirror member IP's (both NAT'd in this case) to the routing and firewall so i'm hoping that resolves our issue for now.
Cheers