GlobalSCAPE Knowledge Base

How does authentication take place between clients and EFT Server through the DMZ Gateway?

GlobalSCAPE Support 1
EFT Express (SMB) & Enterprise


  • EFT Server (All Versions)
  • DMZ Gateway Server (All Versions)


When connecting to EFT Server via DMZ Gateway Server, how does authentication take place?


Authentication is delegated to the back-end EFT Server.  It is as if the client were logging in directly to the EFT Server from the internal network.  The DMZ Gateway Server essentially acts as if it were a Layer 3 router and simply routes data from the client to the EFT Server. 

Shown below is the basic, general sequence.  This sequence assumes that EFT Server has already established the Peer Notification Channel (PNC) to the DMZ Gateway.  (The PNC is the outbound-initiated two way socket connection used for communication, typically on port 44500 on the DMZ Server):

  1. Client makes socket connection to DMZ Gateway.
  2. DMZ Gateway Server sends notification message to EFT Server using PNC.
  3. EFT Server opens a new outbound connection to DMZ Gateway Server.
  4. DMZ Gateway Server "glues together" the client socket with the EFT Server socket established in step 3.  At this point DMZ simply routes data between client and EFT.
  5. Client and EFT Server proceed as if the client were connected directly to the EFT Server.

Also In This Category

On a scale of 1-5, please rate the helpfulness of this article

Not Helpful
Very Helpful
Optionally provide private feedback to help us improve this article...

Thank you for your feedback!

Comments require login or registration.

Last Modified: 3 Months Ago
Last Modified By: kmarsh
Type: FAQ
Article not rated yet.
Article has been viewed 15K times.
Find Similar