Changing the ping interval between EFT and DMZ (Advanced Property)


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT
  • DMZ Gateway

EFT v8.x and later store Advanced Properties in a JSON file. When you upgrade from EFT v7.4.x to EFT v8, the  non-default settings that you have defined in the registry will be added to the Advanced Properties file during upgrade. (Default settings become part of the EFT configuration files.) For a more on how to use advanced properties, and a spreadsheet of the advanced properties, please refer to the "Advanced Properties" topic in the help for your version of EFT.

QUESTION

How can I change the ping interval between DMZ Gateway and EFT server?

ANSWER

  • The EFT server always establishes the connection to the DMZ Gateway server through an outbound socket connection.
  • DMZ Gateway never establishes connection with EFT.
  • The DMZ Gateway routes all client data to EFT over the EFT-initiated socket without any translation or modification to the packet’s payload.
  • To maintain security in the DMZ, DMZ Gateway does no interpretation whatsoever of data; it does not use a store-and-forward architecture, it is purely a forward architecture. If the connection is "plain vanilla" FTP, then it is forwarded as plain vanilla FTP. It is not modified nor inspected between the DMZ Gateway and EFT.
  • EFT queries the DMZ Gateway once every 5 minutes. If a reply is not received within 10 seconds, EFT considers the connection lost, severs the current connection, and then attempts to reconnect. The DMZ Gateway also maintains its own awareness (ping/pong) of whether EFT is connected. Periodically, DMZ Gateway determines whether it has received a pong message from EFT since the last ping. If it has, it will ping again; if not, it drops the connection. This allows it to free up ports if EFT is not available (no longer responds to ping) and for error reporting.

If there is a device between EFT and DMZ Gateway that is terminating idle connections, you can edit these settings:

  • Changing the DMZ Gateway's Ping Interval (in milliseconds)—By default, DMZ Gateway will send a PING message to EFT every thirty seconds. This value is specified within the gwconfig.xml file that resides in the root of the DMZ Gateway installation directory. Stopping DMZ Gateway Service prior to making these changes is required. The value (in milliseconds) can be specified at the global level by modifying the configuration value GlobalPNCKeepalivePeriod. Alternatively, the value can be modified for each site by specifying a new element named PNCKeepalivePeriod within the Profile element in the DMZ Gateway configuration file in the DMZ Gateway installation directory.
  • Changing the EFT server's Ping Interval (in seconds)—By default, EFT sends a PING message to DMZ Gateway every 5 minutes. (5 minutes = 300 seconds). This value can be overridden by adding an advanced property to EFT. The value must be named "gw_keepalive" and the value is specified in SECONDS.
  • For more information about DMZ Gateway-><-EFT communication, refer to "Introduction to DMZ Gateway" in your version of the EFT help or DMZ Gateway help.

In EFT v8 and later, add the advanced property to the advancedproperties.json file in EFT's \ProgramData\ directory.

{
"gw_keepalive":"180" (180 = 3 minutes)
}

In versions prior to v8.0: 

The location of the advanced property in the registry is:

  • On a 32-bit OS: [HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\Config]
  • On a 64-bit OS: [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\GlobalSCAPE Inc.\EFT Server 4.0\Config]
  • A server restart is required.