# Creating a Virtual Machine

We provide a virtual machine image of FileMage Gateway for Microsoft Azure. No installation is required. You just need to create a virtual machine from the Microsoft Azure Virtual Machines Marketplace. This virtual machine image is fully functional upon launch and requires no additional configuration to use. However, you may need to make certain changes depending on your specific use case.

Note

To create a virtual machine, you must have permissions to access and manage a subscription or resource group in Azure.

# First Time Login

After deploying the virtual machine make note of its IP address. The web portal will be available at https://<server-ip>/. A self-signed certificate is used, which you will have to accept to bypass the browser warning. See Encryption and Certificates for instructions on how to install a signed certificate.

Note

The first time the portal is used you will be asked to register an administrator account.

# Default Ports

By default the following ports are used. See Configuration Reference for information on how to change these ports.

Description Windows Linux
HTTP 80 80
HTTPS 443 443
SFTP 22 2222
FTP 21 21
FTP Passive 6000-6005 6000-6005

Note

When HTTPS is enabled traffic on the HTTP port will be redirected to the HTTPS port.

Note

To use SFTP in Linux on port 22 sshd must be reconfigured to use a different port.

# Increase Passive Mode FTP Port Range

By default, FileMage Gateway deployed on Azure Marketplace is configured to use ports 6000-6005 for passive mode FTP data connections. This port range may be to small in situations where multiple clients attempt to establish data connections at the same time, and may cause connecting clients to experience delays or be completely unable to connect when they request passive data transfers. The following explains how to enable a larger port range for passive mode FTP in FileMage Gateway installed on a Microsoft Azure.

# Add Virtual Machine Inbound Security Rules

  1. Log in to Microsoft Azure portal.

  2. Go to Virtual machines

    • Click the name of the virtual machine you want to configure.
    • Under Settings, click on Networking.
  3. Click the Add inbound port rule button.

  4. In the Add inbound security rule panel, specify the following settings:

    • Service. Keep the Custom value in the drop-down list.
    • Port ranges. Specify the following port range: 49152-65535.
    • Priority. This value determines the order in which firewall rules are applied. Rules with low priority are applied before rules with high priority. We recommend keeping the automatically assigned Priority value.
    • Name. Give the rule a recognizable name so you can tell it apart from others.
    • (Optional) Description. If desired, you can add the description to the rule.

Note

You may use any port range, however 49152-65535 is the recommend standard port range.

  1. Click OK.

# Set Application FTP Passive Mode Port Range

  1. Add, or modify if already present, the following settings in the application configuration file:
ftp_data_port_start: 49152
ftp_data_port_end: 65535

FileMage Gatway is now configured to use a larger range of ports for passive mode FTP data connections.

# Audit Log Retention

The number of days of audit events that are stored is controlled by the configuration parameter audit_retention_days. We recommend setting this parameter based your estimated workload and available disk space. On average, each 1 million audit events stored will consume 1gb of disk space.

# FTP Public IP Address Auto-detection

FileMage Gateway will use the Azure instance metadata service to detect the virtual machine's public IP address for passive FTP connections. You may override this address by specifying a IP address to be used for FTP passive connections in the servers configuration file. See FTP Public Address Configuration.