Skip to main contentSkip to search
Powered by Zoomin Software. For more details please contactZoomin
Progress DocumentationProgress Documentation
Progress Documentation
  • Home
  • Home
  • EnglishČeštinaDeutsch (Germany)Español (Spain)Français (France)Italiano (Italy)Português (Brasil)日本語Русский (Russia)中文 (简体) (China)中文 (繁體, 台灣) (Taiwan)ar-AR
  • Login

MOVEit Transfer 2022 Administrator Guide

FTP - Recommended Configuration

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
Table of Contents
  • Start Transferring Files and Data
  • Introduction
    • MOVEit Transfer Documentation
    • Functional Overview
    • Mode of Use: Secure Folders
      • Important Considerations when Delegating Folder Sharing Authority
    • Mode of Use: Ad Hoc (person-to-person)
    • Client Access
    • System Administration and MOVEit Transfer
    • MOVEit Automation
  • Why Managed File Transfer (MFT)?
    • Security/Data Protection
    • Confidentiality, Integrity, Availability
    • Tamper Evident Audit Trail
    • Role-based Access
    • Privacy, Security Standards, and Auditing Requirements
  • MOVEit MFT Features and Advantages
    • Secure Folder Sharing
      • Check Secure Folder Sharing is Enabled
      • Choose Users and Orgs
      • Delegate
    • Shared Mailboxes
    • WebPosts
    • Recent Downloads
    • Ad Hoc Transfer Implementation
    • Sync Client
    • MOVEit Mobile 2.0
    • Upload/Download/Send
    • Email Notifications
    • Display Profiles
    • Single Sign-on using SAML
    • User Authentication
    • User Account Expiration
    • International Languages
    • Content Scanning
    • Multi-homing
    • Azure Integration
  • MOVEit Transfer Config Utility (DMZConfig)
    • SSL and SSH
      • Keys and Certificates Overview
      • Selecting SSL/TLS Support
      • Creating SSL Server Certificate
        • TLS (SSL) - Server Certs - Overview
        • TLS (SSL) - Server Certs - CSRs
        • TLS (SSL) - Server Certs - Import and Export
        • TLS (SSL) - Server Certs - Assign to Components
        • TLS (SSL) - Server Certs - Backing Up
      • TLS (SSL) - Client Certs - Importing/Creating
        • TLS (SSL) - Client Certs - Holding Tank
        • TLS (SSL) - Client Certs - Trusted CAs
        • TLS (SSL) - Client Certs - Troubleshooting
        • TLS (SSL) - Client Certs - IIS Configuration
        • TLS (SSL) - Client Certs - Hardware Tokens - Overview
        • TLS (SSL) - Client Certs - Hardware Tokens - Aladdin eTokens
        • TLS (SSL) - Client Certs - Overview
      • Generate and Install Keys (SSH)
        • SSH - Server Keys - Overview
        • SSH - Client Keys - Overview
          • SSH - Client Keys - Import
          • SSH - Client Keys - Holding Tank
    • Critical Event Notifications
    • Gateway Connection Configuration
      • Delete Legacy Tunnel (Post-Upgrade)
  • Firewall Configuration
  • Backup/Restore Utility
  • Admin/Web UI
    • Admin Features on the Home Page
    • Users
      • Permissions
        • Temp/Guest User
        • GroupAdmin
        • FileAdmin
        • Regular User
        • User Profile - Group Information
        • Admin
        • SysAdmin
        • Anonymous Users
      • User Profile
        • User Profile - General Information
        • User Profile - User Authentication
        • User Profile - User Settings
        • User Profile - Shared Mailboxes
        • User Profile - Address Book Information
    • GroupAdmins
      • Profile
    • Folders
    • Packages
    • Live View
      • Interactive View
      • Full View (NOC view)
    • Logs
      • View User Logs
    • Reports
      • Add and Run Reports
      • Report Types
      • Edit the Output Template (Default Report Settings)
      • Statistics
      • Custom Reports
      • Custom Reports Best Practices
    • Settings
      • Appearance
        • Appearance - Brand
        • Appearance - Info
        • Appearance - Display
        • Appearance - Notification Fields and Format
        • Appearance - Notification - Items Displayed
        • Appearance - Notification - Custom
        • Templates for Custom Notifications
        • Macros for Custom Notifications
        • Appearance - Folders
      • Security Policies
        • Security Policies - Password
        • Settings - Security User Auth
          • Configure Security Tokens for External Applications
        • User Authentication - Single Sign-on
          • SAML Single Sign-on Configuration Notes
        • Multi-Factor Authentication
          • Allow MFA Site Wide
          • Available Methods
          • Remember this Device
          • Requiring Multi-Factor Authentication
        • Troubleshooting Single Sign-on Issues
        • External Authentication - Overview
          • Security Policies - External Authentication - Radius (Authentication Only)
          • Security Policies - External Authentication - LDAP Authentication Only
          • Security Policies - External Authentication - LDAP Lookup
          • External Authentication - WS-Trust (Authentication Only)
        • Security Policies - User Settings
        • Security Policies - Group
        • Security Policies - Remote Access
        • Security Policies - Interface
        • Web Interface - Settings - Security Policies - Folder
          • Before You Enable User-Home Folder Sharing Throughout Your Org!
        • Content Scanning - Anti-virus
        • Content Scanning - Data Loss Prevention (DLP)
        • Current IIS and FTP Certificate
      • Ad Hoc Transfer
        • Ad Hoc Transfer - Access - Registered Senders
        • Ad Hoc Transfer - Access - Unregistered Recipients
        • Ad Hoc Transfer - Access - Unregistered Senders
        • Ad Hoc Transfer - Content
        • Ad Hoc Transfer - Maintenance
        • Ad Hoc Transfer - Content - Classification Field
      • System (System-Wide Settings)
        • System - Debug Logs
        • System - Auditing
        • System - User Authentication
        • System - Remote Access
        • System - Notification
        • System - Miscellaneous
        • System - Tamper Detection
        • System - Content Scanning
        • System - HTTP Security Headers
      • Miscellaneous
        • Miscellaneous - Aging
        • Miscellaneous - File Viewing
        • Miscellaneous - Tamper Detection
    • SysAdmin Dashboard (Organizations Page)
      • Profile
      • Change User Interface Settings
      • Change Maximum User Count
      • Change Package Viewing Settings
      • Manage Org Encryption Key
        • Post Conversion Guidelines
      • TLS/SSL Server Certificate Settings
    • Schemes - Overview
      • Scheme Profile
      • Schemes - Custom
        • Upgrading to MOVEit 8.2 (and later) from a Custom Scheme or a Supported Legacy Scheme
        • Upgrading to MOVEit 8.2 (and later) from a Non-Supported Legacy Scheme
        • Custom Background Images
  • FTP Server
    • FTP - Configuration
    • FTP - Glossary
    • FTP - Supported Commands
    • FTP - Recommended Configuration
    • FTP - Troubleshooting
    • FTP - SSL Certificates
    • FTP - Specific Clients - z/OS
    • FTP - Specific Clients - cURL
    • FTP - Interoperability - IIS FTP
    • FTP - Interoperability - Integrity Check How-To
    • FTP - Certificates - Create Client Certificate
  • SSH Server
    • SSH - Configuration
    • SSH - Protocol Discussion
    • SSH - Server Keys - Overview
    • SSH - Specific Clients - OpenSSH Windows
    • SSH - Specific Clients - OpenSSH UNIX
  • Web Farms
    • Web Farms - Architecture
    • Web Farms - Webfarm Tab
    • Web Farms - Technical Discussion
    • Web Farms - Installation - Prerequisites
    • Web Farms - Installation - Pre-Installation Steps
    • Web Farms - Installation - Installation Steps
    • Web Farms - Software Upgrade
  • Advanced Topics
    • AS2 and AS3
    • User Forms
    • Database - Partial Schema
    • Database - Actions
    • Database - Troubleshooting
    • Database - MS SQL Performance
    • Database - Connect to MS SQL Over TLS 1.2
    • Database - Remote Access
    • Database - Migrating to Azure SQL
    • Package - Archives
    • Service Integration - Ad Hoc Add-in
    • Service Integration - Anti-virus (A/V)
    • Service Integration - CAC Integration
    • Service Integration - Local Mail Relay
    • Service Integration - SiteMinder Integration
    • Service Integration - SysLog and SNMP
    • Service Integration - Time Synchronization
    • Service Integration - Web Integration
    • Service Integration - Remote File Store - Azure Blob Service
      • Service Integration - Adjusting Maximum File Size for Block Blob File Store
      • Service Integration - Backup/Restore with AzCopy
    • Service Integration - Migrating the MOVEit Transfer Filestore to Azure Blobs
    • System Internals - Exception Handling
    • System Internals - MOVEit Transfer Error Codes
    • System Internals - NTFS Permissions
    • System Internals - Scheduled Tasks
    • System Internals - System Reference
    • System Internals - Templates and Icons
    • System Internals - Timeouts
    • System Internals - URL Crafting
    • System Internals - Remote Filesystem
    • System Internals - Performance Monitoring
    • System Internals - Critical Alerts and Actions
  • User Guide Welcome
    • Overview
    • Get Started
    • Tour the Web UI
      • Home Page
        • Package Actions
        • Upload Files
        • New Items
      • Folders (Tour)
      • Packages
      • View Recent Downloads
      • Logs
    • Work with Files and Folders
      • Request File
      • Add a Folder
      • Share a Folder
        • Share Overview
        • View/Apply Share Settings
        • Who Can Share?
        • Who Can I Share With?
        • Who Can Grant Permissions to Share?
        • Folder Sharing Walkthrough
      • Add a Virtual Folder
      • Edit Folder Settings
        • General Information
        • Folder Access Settings
        • Miscellaneous Settings
        • Add/Remove Secure Folder Sharing Notifications
        • Notification Settings
        • Automated Maintenance
        • Allowed File Masks
        • File and Folder Name Character Restrictions
        • Web Post Response Settings
      • Delete Folders and Files
      • Copy Folders and Files
      • Move Folders and Files
      • Upload a File
      • Download Files
      • Folder Types and Symbols
      • View and Manage Files
        • View File Thumbnails
        • Find Files and Folders
    • Work with Packages
      • About Packages
      • View Mailboxes
      • View Packages
        • View a Package's Read Status
        • View Send Receipt
        • View Package History
      • Send Packages
      • Recall a Package
      • Manage Your Address Book
      • Share Mailboxes
    • Manage My Account
      • Manage Your Expiration Details
      • Signing On with Multi-Factor Authentication
        • Set Up Multi-Factor Authentication
          • Self Opt MFA for Your Account
          • Methods to Verify Identity
            • Install Authenticator App to Your Mobile Device
            • Scan the QR Code (Mobile Set Up)
            • Pair Your Email Account (Set Up)
          • Use Trusted Devices
      • Change Your Password
      • Edit Your Email Settings
      • Edit Your Language
      • Authorized Applications
      • Edit Number of Folders/Files/Items Per Page
      • Edit Your Ad Hoc (Package) Transfer Settings
    • Contact Administrator/Get Help
    • Sign On
      • Sign-on and Account Access Tips (why is access blocked?)
      • Authenticating with a Client Certificate
      • Sign On and Settings
    • Sign Out
  • Privacy, Security, and Data Protection Features
    • Privacy, Security Standards, and Auditing Requirements
    • Security/Data Protection
  • Compliance Statements and Acknowledgements
    • Government Compliance Statements
      • Regulations Overview
      • Regulations FDA
      • Regulations ADA
    • Regional Considerations for Export of this Software.
    • Third Party Software Acknowledgement
Table of Contents

FTP - Recommended Configuration

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: July 29, 2025
  • 1 minute read
    • MOVEit Transfer
    • Version 2022
    • Documentation

The following configuration is best practice. This "passive, implicit" setup has been shown to be the most problem-free of any FTPS configuration at a number of large MOVEit sites.

  • MOVEit Transfer FTP Server
    • Enable Require Passive Mode
    • Set Explicit Port to 21
    • Set Implicit Port to 990
    • Restrict Passive Ports on 3000 to 3100 (or some other range)
  • IPSec Policy (FTP Rule Filters)
    • Allow TCP from AnyIP, AnyPort to MyIP, Port 21
    • Allow TCP from AnyIP, AnyPort to MyIP, Port 990
    • Allow TCP from AnyIP, AnyPort to MyIP, Port 3000
    • Allow TCP from AnyIP, AnyPort to MyIP, Port 3001
    • Allow TCP from AnyIP, AnyPort to MyIP, Port 3002
    • Allow TCP from AnyIP, AnyPort to MyIP, Port 3003
  • Firewall Rules
    • Allow TCP from AnyIP, AnyPort to MOVEitDMZ, Port 21
    • Allow TCP from AnyIP, AnyPort to MOVEitDMZ, Port 990
    • Allow TCP from AnyIP, AnyPort to MOVEitDMZ, Port 3000
    • Allow TCP from AnyIP, AnyPort to MOVEitDMZ, Port 3001
    • Allow TCP from AnyIP, AnyPort to MOVEitDMZ, Port 3002
    • Allow TCP from AnyIP, AnyPort to MOVEitDMZ, Port 3003
  • Client Configuration
    • Passive Transfer Mode (in other words, "Firewall Friendly")
    • Implicit Connection Mode
TitleResults for “How to create a CRG?”Also Available inAlert