FTP on an EMC NS20 Celerra
17/01/13 08:25 Filed in: Systems Administation
The EMC NS20 Celerra NAS is a small enterprise grade NAS that we use to support a VMWare Cluster and Office CIFS. It seemed like to obvious candidate to provide an external FTP service; this turned out to be a little less easy than was expected.
Although the web based graphical fronted of the NS20 can turn the FTP service on and off it appears that most of the configuration of the FTP server must be conducted via the command line from the control station.
Most of the configuration is made using the
This command allows the service to be configured, started and stopped. Eg:
The most difficult part of the process was getting authentication against our active directory server to work. It turned out that this required activating the interface on the CIFS server that corresponded to interface that the ftp server is connected to from. (Security note: clearly your Celerra is designed to run on an isolated network or a network protected by a firewall).
Debugging this was surprisingly difficult until we rediscovered the
Another useful command is the
Most of the configuration is made using the
/nas/bin/server_ftp
command.This command allows the service to be configured, started and stopped. Eg:
/nas/bin/server_ftp server_2 -service -start
/nas/bin/server_ftp server_2 -service -stop
The most difficult part of the process was getting authentication against our active directory server to work. It turned out that this required activating the interface on the CIFS server that corresponded to interface that the ftp server is connected to from. (Security note: clearly your Celerra is designed to run on an isolated network or a network protected by a firewall).
Debugging this was surprisingly difficult until we rediscovered the
/nas/bin/server_log
command which clearly showed the password lookup problem.Another useful command is the
/nas/sbin/server_user
command which can be used to set up an anonymous ftp server (Security note: I do NOT run and anonymous ftp server as they are too prone to exploitation).