# Creating a Virtual Machine
We provide a virtual machine image of FileMage Gateway for Microsoft Azure. No installation is required. You just need to create a virtual machine from the Microsoft Azure Virtual Machines Marketplace. This virtual machine image is fully functional upon launch and requires no additional configuration to use. However, you may need to make certain changes depending on your specific use case.
To create a virtual machine, you must have permissions to access and manage a subscription or resource group in Azure.
# First Time Login
After deploying the virtual machine make note of its IP address. The web portal will be available at
https://<server-ip>/. A self-signed certificate is used, which you will have to accept to bypass the browser warning. See Encryption and Certificates for instructions on how to install a signed certificate.
The first time the portal is used you will be asked to register an administrator account.
# Default Ports
By default the following ports are used. See Configuration Reference for information on how to change these ports.
When HTTPS is enabled traffic on the HTTP port will be redirected to the HTTPS port.
To use SFTP in Linux on port 22
sshd must be reconfigured to use a different port.
# Increase Passive Mode FTP Port Range
By default, FileMage Gateway deployed on Azure Marketplace is configured to use ports
6000-6005 for passive mode FTP data connections. This port range may be to small in situations where multiple clients attempt to establish data connections at the same time, and may cause connecting clients to experience delays or be completely unable to connect when they request passive data transfers. The following explains how to enable a larger port range for passive mode FTP in FileMage Gateway installed on a Microsoft Azure.
# Add Virtual Machine Inbound Security Rules
Log in to Microsoft Azure portal.
Go to Virtual machines
- Click the name of the virtual machine you want to configure.
- Under Settings, click on Networking.
Click the Add inbound port rule button.
In the Add inbound security rule panel, specify the following settings:
- Service. Keep the Custom value in the drop-down list.
- Port ranges. Specify the following port range:
- Priority. This value determines the order in which firewall rules are applied. Rules with low priority are applied before rules with high priority. We recommend keeping the automatically assigned Priority value.
- Name. Give the rule a recognizable name so you can tell it apart from others.
- (Optional) Description. If desired, you can add the description to the rule.
You may use any port range, however
49152-65535 is the recommend standard port range.
- Click OK.
# Set Application FTP Passive Mode Port Range
- Add, or modify if already present, the following settings in the application configuration file:
ftp_data_port_start: 49152 ftp_data_port_end: 65535
FileMage Gatway is now configured to use a larger range of ports for passive mode FTP data connections.
# Audit Log Retention
The number of days of audit events that are stored is controlled by the configuration parameter audit_retention_days. We recommend setting this parameter based your estimated workload and available disk space. On average, each 1 million audit events stored will consume 1gb of disk space.
# FTP Public IP Address Auto-detection
FileMage Gateway will use the Azure instance metadata service to detect the virtual machine's public IP address for passive FTP connections. You may override this address by specifying a IP address to be used for FTP passive connections in the servers configuration file. See FTP Public Address Configuration.