Step by Step Installing Exchange server 2013 from scratch (Part 1)
In this part, I will be demonstrate how to Install exchange 2013 and prepare new Databases along with preparing the servers for high availability (DAG).
Prerequisites:
– Two Microsoft Windows 2012 R2 servers with 16 GB ram and 200GB disk divided unto two partitions.
– Two NIC, one for MAPI and one for replication.
– Exchange 2013 CU8 setup to directly go to the latest available update.
Installing Prerequisites on all exchange servers
Launch Powershell as administrator and copy then paste the following.
You should download and install the following software prerequisites as per Microsoft’s TechNet article regarding the installation. the software is available the link I posted earlier above or through this link Exchange_Prerequesties
After running all the prerequisites , we can start installation of Exchange 2013
Here I am going to change Exchange’s default installation path and place it on a different partition to avoid any data loss in case of Windows server crash or booting issues.
Now we install the second Exchange server, that will hold the same roles on it as the first one (Mailbox and CAS).
The steps are going to be exactly the same except that you won’t have to prepare the schema or AD since it’s already prepared.
Installation has finished for both servers
Creating DATABASES:
NOTE:
It’s better to mount the database upon creation and not restart the IS instantly after that.
Now it’s time to create new Databases and replace them with the default ones that come with the Installation
First we’ll have to start off by creating our targeted databases which we want to use them. Note that for the standard version of Exchange 2013 you can only create up to 5 databases per mailbox server.
In order to demonstrate all benefits of Exchange 2013 and its features including DAG. I will create 2 databases. One database on each server.
The first database will be called DB1SRV1
As soon as we have created the Database, we faced the following error with event ID 106
Then another warnıng from MSExchangeFastSearch wıth event id 1006
This indicates that a database should not be mounted upon creation, you should untick the mount DB option when you create one.
After waiting a bit the following logs should appear and show a healthy indexing start.
Once the DB has been created, Exchange AC will require that you restart the IS (Information store Service) in order for replication to happen without an issue.
Database is showing healthy and no issues so far.
Now we’ll create a new DB on the second server without ticking the mount DB option.
Microsoft Exchange Server Locator Service failed to find active server for database ‘de5f3051-c202-4976-b8e4-65bbbe0c2395’. Error: The database with ID de5f3051-c202-4976-b8e4-65bbbe0c2395 couldn’t be found.
The same exact errors came after creating the Database without mounting it.
Now let’s restart the IS service and mount our database then see what happens..
Upon restarting the service, we get the following error which is related to the MS Exchange replication service . It noticed that the database that we have created has never been mounted in order to start the indexing.
Let’s mount the database and see the changes
Mounting the database have got the AM to report successfully and after couple of seconds the MSExchangeFastSearch will check out if the database have any indexing files.
No indexing state have been found and so the FastSearch service will give you a 1013 warning report. This is a good warning because it reports that the service is working properly and that it will create the indexing folder after couple of minutes as we’ll see later.
It takes approximately 3-5 minutes for the database to start the indexing.
Now on the EAC, the DB should report healthy. Let’s see
Removing Default databases
First step before deleting the default databases is to move any system mailboxes or arbitrary mailboxes in them to the newly created databases…
Paul Cunningham wrote a great article on how to do this using Powershell … in the following link
The warning above is apparently due to Exchange permission on AD. It has been described in detail on how to solve this warning by Nuno Mota in the following Link.
Stack trace: at Microsoft.Exchange.Clients.Common.UserAgent.HasString(String str)
at Microsoft.Exchange.Clients.Common.UserAgent.get_Layout()
at Microsoft.Exchange.Clients.Common.UserAgent.get_LayoutString()
at ASP.auth_logon_aspx.__Render__control1(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)
at System.Web.UI.Page.Render(HtmlTextWriter writer)
at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
Custom event details:
OWA PAGE
Solution:
On Exchange servers, Make sure that Exchange servers are not members of Organization Management group and if they are then remove them and run this cmdlet anyway on all Exchange Servers then restart the Servers.
After you attempt to try Hybrid Configuration Wizard between Exchange 2013 SP1 and Exchange online (Office 365), You are unable to login to your OWA/ECP Page and instead you get an 500 unexpected error:
If you go to event viewer You might find Event ID 4 which shows the error:
Cause:
The HCW or “Hybrid Configuration Wizard” In Exchange 2013 (CU6 or 8) might cause some changes to your CAS folder in the following path and file.
“c:\Program Files\Microsoft\Exchange Server\V15\ClientAccess\ecp\DDI”` the file name is RemoteDomains.xaml and multiply some variables which causes ECP to fail and report that error.
Error:
Current user: 'Domain.local/User'
Request for URL 'https://ex2k1301.Domain.local:444/ecp/default.aspx(https://mail.Domain.com/ecp/)' failed with the following error:
System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Data.DuplicateNameException: A column named 'TargetDeliveryDomain' already belongs to this DataTable.
at System.Data.DataColumnCollection.RegisterColumnName(String name, DataColumn column)
at System.Data.DataColumnCollection.BaseAdd(DataColumn column)
at System.Data.DataColumnCollection.AddAt(Int32 index, DataColumn column)
at Microsoft.Exchange.Management.DDIService.AutomatedDataHandlerBase.CreateColumn(DataTable table, Dictionary`2 rbacMetaData)
at Microsoft.Exchange.Management.DDIService.AutomatedDataHandlerBase..ctor(Service profileBuilder)
at Microsoft.Exchange.Management.DDIService.AutomatedDataHandlerBase..ctor(String schemaFilesInstallPath, String schema)
at Microsoft.Exchange.Management.ControlPanel.WebServiceReference.GetList(DDIParameters filter, SortOptions sort)
at Microsoft.Exchange.Management.ControlPanel.OrganizationCache.LoadTargetDeliveryDomain(AddValueHandler addValue, LogErrorHandler logError)
at Microsoft.Exchange.Management.ControlPanel.OrganizationCache.TryGetValue[T](String key, T& value)
at Microsoft.Exchange.Management.ControlPanel._Default.RenderMetroTopNav()
at ASP.default_aspx.__RendermainForm(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)
at System.Web.UI.HtmlControls.HtmlForm.RenderChildren(HtmlTextWriter writer)
at System.Web.UI.HtmlControls.HtmlContainerControl.Render(HtmlTextWriter writer)
at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter)
at ASP.default_aspx.__Render__control1(HtmlTextWriter __w, Control parameterContainer)
at System.Web.UI.Control.RenderChildrenInternal(HtmlTextWriter writer, ICollection children)
at System.Web.UI.Page.Render(HtmlTextWriter writer)
at System.Web.UI.Control.RenderControlInternal(HtmlTextWriter writer, ControlAdapter adapter)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Data.DuplicateNameException: A column named 'TargetDeliveryDomain' already belongs to this DataTable.
at System.Data.DataColumnCollection.RegisterColumnName(String name, DataColumn column)
at System.Data.DataColumnCollection.BaseAdd(DataColumn column)
at System.Data.DataColumnCollection.AddAt(Int32 index, DataColumn column)
at Microsoft.Exchange.Management.DDIService.AutomatedDataHandlerBase.CreateColumn(DataTable table, Dictionary`2 rbacMetaData)
at Microsoft.Exchange.Management.DDIService.AutomatedDataHandlerBase..ctor(Service profileBuilder)
at Microsoft.Exchange.Management.DDIService.AutomatedDataHandlerBase..ctor(String schemaFilesInstallPath, String schema)
Looking in the path I have wrote above “\Microsoft\Exchange Server\V15\ClientAccess\ecp\DDI” and opening the file that I have mentioned “RemoteDomains.xaml” you can clearly see there are incorrect format that have been duplicated 3 times.
To make sure that this was the cause, I have another server with CU8 on it so I went and checked the same file which was in the same location to find the result different.
This is the server that works in another environment and doesn’t have any issue.
So, the solution was to remove the two duplicates and correct the format of the variable line… I corrected the first line that includes
And deleted the other two identical lines.. then I saved the file and closed notepad.
Next: Open IIS on the same server and go to “Application Pools” right click on the affected pools and Recycle them.. You don’t need to reset IIS as the fix should work right away.
Recycle ECP Pool
After recycling checking if the pool is reporting started or not…
You cannot have ArchiveDomain set when archive is not enabled for this user.
I have previously done a Hybrid integration with Office 365 with my Exchange 2010 server and enabled Archiving online when I migrated my user to Exchange online but then I finished my demo and decided to bring the user back on-premises.
Now I have deployed Exchange 2013 and wanted to migrate the same user to Exchange 2013 from 2010 but the migration request fails with the following message.
6/7/2015 1:23:24 PM [EXCH2K13] ” created move request.6/7/2015 1:23:57 PM [EXCH2K13] The Microsoft Exchange Mailbox Replication service ‘EXCH2K13.demotesas.local’ (15.0.1076.6 caps:1FFF) is examining the request.6/7/2015 1:23:59 PM [EXCH2K13] Connected to target mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’, database ‘Mailbox Database 0439787427’, Mailbox server ‘EXCH2K13.demotesas.local’ Version 15.0 (Build 1076.0).6/7/2015 1:23:59 PM [EXCH2K13] Connected to source mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’, database ‘Database1’, Mailbox server ‘EXCH01.demotesas.local’ Version 14.3 (Build 174.0).6/7/2015 1:23:59 PM [EXCH2K13] Request processing started.6/7/2015 1:23:59 PM [EXCH2K13] Source mailbox information:Regular Items: 104, 5.549 MB (5,818,789 bytes)Regular Deleted Items: 0, 0 B (0 bytes)FAI Items: 50, 0 B (0 bytes)FAI Deleted Items: 0, 0 B (0 bytes)6/7/2015 1:23:59 PM [EXCH2K13] Cleared sync state for request b6ee5dd7-beab-45a0-9933-8e926a694de3 due to ‘CleanupOrphanedMailbox’.6/7/2015 1:23:59 PM [EXCH2K13] Mailbox signature will not be preserved for mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’. Outlook clients will need to restart to access the moved mailbox.6/7/2015 1:24:04 PM [EXCH2K13] Stage: CreatingFolderHierarchy. Percent complete: 10.6/7/2015 1:24:05 PM [EXCH2K13] Initializing folder hierarchy from mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’: 76 folders total.6/7/2015 1:24:05 PM [EXCH2K13] Folder creation progress: 0 folders created in mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’.6/7/2015 1:24:10 PM [EXCH2K13] Folder hierarchy initialized for mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’: 75 folders created.6/7/2015 1:24:10 PM [EXCH2K13] Stage: CreatingInitialSyncCheckpoint. Percent complete: 15.6/7/2015 1:24:10 PM [EXCH2K13] Initial sync checkpoint progress: 0/76 folders processed. Currently processing mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’.6/7/2015 1:24:12 PM [EXCH2K13] Initial sync checkpoint completed: 66 folders processed.6/7/2015 1:24:12 PM [EXCH2K13] Stage: LoadingMessages. Percent complete: 20.6/7/2015 1:24:14 PM [EXCH2K13] Messages have been enumerated successfully. 154 items loaded. Total size: 5.55 MB (5,819,724 bytes).6/7/2015 1:24:14 PM [EXCH2K13] Stage: CopyingMessages. Percent complete: 25.6/7/2015 1:24:14 PM [EXCH2K13] Copy progress: 0/154 messages, 0 B (0 bytes)/5.55 MB (5,819,724 bytes), 55/76 folders completed.6/7/2015 1:24:58 PM [EXCH2K13] Copying messages is complete. Copying rules and security descriptors.6/7/2015 1:25:04 PM [EXCH2K13] Initial seeding completed, 154 items copied, total size 5.55 MB (5,819,724 bytes).6/7/2015 1:25:04 PM [EXCH2K13] Stage: IncrementalSync. Percent complete: 95.6/7/2015 1:25:05 PM [EXCH2K13] Folder hierarchy changes reported in source ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’: 2 changed folders, 0 deleted folders.6/7/2015 1:25:05 PM [EXCH2K13] Content changes reported for mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’: Batch 1, New 3, Changed 1, Deleted 0, Read 0, Unread 0, Total 4.6/7/2015 1:25:05 PM [EXCH2K13] Total content changes applied to mailbox ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’: New 3, Changed 1, Deleted 0, Read 0, Unread 0, Skipped 0, Total 4.6/7/2015 1:25:05 PM [EXCH2K13] Incremental Sync ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’ completed: 2 hierarchy updates, 4 content changes.6/7/2015 1:25:05 PM [EXCH2K13] Stage: IncrementalSync. Percent complete: 95.6/7/2015 1:25:07 PM [EXCH2K13] Final sync has started.6/7/2015 1:25:07 PM [EXCH2K13] Folder hierarchy changes reported in source ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’: 0 changed folders, 1 deleted folders.6/7/2015 1:25:07 PM [EXCH2K13] Incremental Sync ‘b6ee5dd7-beab-45a0-9933-8e926a694de3 (Primary)’ completed: 1 hierarchy updates, 0 content changes.6/7/2015 1:25:07 PM [EXCH2K13] Source mailbox information:Regular Items: 108, 5.562 MB (5,832,087 bytes)Regular Deleted Items: 0, 0 B (0 bytes)FAI Items: 50, 0 B (0 bytes)FAI Deleted Items: 0, 0 B (0 bytes)6/7/2015 1:25:07 PM [EXCH2K13] Stage: FinalIncrementalSync. Percent complete: 95.6/7/2015 1:25:09 PM [EXCH2K13] Mailbox store finalization is complete.6/7/2015 1:25:09 PM [EXCH2K13] SessionStatistics updated.6/7/2015 1:25:09 PM [EXCH2K13] Verifying mailbox contents…6/7/2015 1:25:10 PM [EXCH2K13] Mailbox contents verification complete: 66 folders, 157 items, 5.562 MB (5,831,953 bytes).6/7/2015 1:25:10 PM [EXCH2K13] Mailbox ‘Mohammed JA. Hamada’ was loaded from domain controller ‘ad.demotesas.local’.6/7/2015 1:25:18 PM [EXCH2K13] Fatal error UpdateMovedMailboxPermanentException has occurred.
On Exchange 2010, I launched Exchange Management shell and ran the following cmdlet which will show any attribute that has arch in it for the user Mohammed
Get-mailbox User | fl arch*
Since there’s no archive mailbox then the archive domain is invalid and I don’t even own it anymore as it has expired a while ago.
Resolution:
I will try to remove the archive domain object from the user’s properties using the following cmdlet
Set-mailbox mailboxname -ArchiveDomain $null
Using the above cmdlet seems to fail due to this property being administered by Exchange server so it’ll have to be removed manually.
I will open the user’s attribute and delete the value and try to continue the migration again.
Performance counters for the Client access role is not installed
To solve the problem
Open the Exchange Management Shell
Run the following cmd: add-pssnapin Microsoft.Exchange.Management.PowerShell.Setup
Run the following cmd: new-perfcounters –definitionfilename “C:\Program Files\Microsoft\Exchange Server\V14\Setup\Perf\RpcClientAccessPerformanceCounters.xml”
By running these cmds we will install the Performance Counters needed for the RPC Client Access Service. Once installed the error won’t be displayed anymore.
In a very interesting situation that I came through I had an environment with two DCs and Exchange 2010 that I had previously setup for Hybrid integration with Office 365 for demonstration with a trial subscription but I haven’t removed the integration after I finished my test and the trial expired and the tenant was deleted.
Next I intended to upgrade my existing Exchange 2010 to Exchange 2013 and setup coexistence between them however, I have stumbled in the step of preparation of AD schema for Exchange 2013. While trying to prepare the schema I got the following error
Welcome to Microsoft Exchange Server 2013 Cumulative Update 8 Unattended Setup
Copying Files…
File copy complete. Setup will now collect additional information needed for
installation.
Performing Microsoft Exchange Server Prerequisite Check
Prerequisite Analysis FAILED
A hybrid deployment with Office 365 has been detected. Please ensure that you are running setup with the /TenantOrganizationConfig switch. To use the TenantOrganizationConfig switch you must first connect to your Exchange Online tenant via PowerShell and execute the following command: “Get-OrganizationConfig | Export-Clixml -Path MyTenantOrganizationConfig.XML”. Once the XML file has been generated, run setup with the TenantOrganizationConfig switch as follows “/TenantOrganizationConfig MyTenantOrganizationConfig.XML”.
If you continue to see this this message then it indicates that either the XML file specified is corrupt, or you are attempting to upgrade your on-premises Exchange installation to a build that isn’t compatible with the Exchange version of your Office 365 tenant. Your Office 365 tenant must be upgraded to a compatible version of Exchange before upgrading your on-premises Exchange installation. For
)/ms.exch.setupreadiness.DidTenantSettingCreatedAnException.aspx The Exchange Server setup operation didn’t complete. More details can be found in ExchangeSetup.log located in the <SystemDrive>:\ExchangeSetupLogs folder.
The Office 365 Hybrid setup was still there in my Exchange Console and since I couldn’t follow MS’s recommended steps to connect to O365 tenant and get the XML file then I had to do things manually.
First I connected to the EMC and removed all the instances that were created during the Exchange Hybrid Wizard Configuration
1- Removing Organization Relationships
2- Removing Federation Trust
3- Removing Remote Domains
4- Removing Accepted Domains
5- Removing Send and Receive Connectors
6- Lastly the Hybrid Configuration object…
Since remove-hybridconfiguration cmdlet is not supported to remove the hybrid configuration object from AD then we have no choice but to use ADSIEDIT tool to do so.
I will navigate to Configuration > Services > Microsoft Exchange > First Organization > Delete “CN=Hybrid Configuration”
Restart MSExchangeServicehost
Now I will try again to prepare AD schema for Exchange 2013 but I got a different error
Extending Active Directory schema FAILED
The following error was generated when “$error.Clear);
RoleSchemaPrefix + “schema0.ldf”)” was run: “Microsoft.Exchange.Configuration.Tasks.TaskException: There was an error while running ‘ldifde.exe’ to import the schema file ‘C:\Windows\Temp\ExchangeSetup\Setup\Data\PostExchange2003_schema0.ldf’. The error code is: 8224. More details can be found in the error file: ‘C:\Users\Administrator.DEMOTESAS\AppData\Local\Temp\2\ldif.err’at Microsoft.Exchange.Configuration.Tasks.Task.ThrowError(Exception exception, ErrorCategory errorCategory, Object target, String helpUrl)at Microsoft.Exchange.Management.Deployment.InstallExchangeSchema.ImportSchem
cessRecord()at Microsoft.Exchange.Configuration.Tasks.Task.<ProcessRecord>b__b()at Microsoft.Exchange.Configuration.Tasks.Task.InvokeRetryableFunc(String funcName, Action func, Boolean terminatePipelineIfFailed)”.The Exchange Server setup operation didn’t complete. More details can be found
in ExchangeSetup.log located in the <SystemDrive>:\ExchangeSetupLogs folder.
Checking the ldif.err file mentioned in the error above it seems that Exchange is complaining because the changes of the AD schema is not being replicated to the other AD partners which is true since I have another additional DC that’s turned off.
After turning on the other DC we’ll see what happens
The other DC had another issue as I have turned it off for long time and it was not syncing due to expired Tomb stone life so I had to fix this issue as well and I have published it in a different article.
Please click here to see how the replication issue was fixed.
After DC migration and changing in the PDC and Schema master role server to the new DC and shut down the old DC for test. On Exchange 2010 server you might get the following error
An error caused a change in the current set of Active Directory settings. Restart The Exchange Management Console.
Exchange Console
Current deployment
Exchange 2010
New DC 2012 R2 with another Additional DC installed newly.
Two DC 2008R2 but have been shut down for testing.
Problem:
After you shutdown or demote the old PDC or Schema master Demote Domain Controller role, Microsoft Exchange Management Console fails to retrieve any Exchange information with error message “An error caused a change in the current set of Active Directory Server settings. Restart Exchange Management console.”
Cause
Microsoft Exchange management console caches the data in the user’s profile for quick access, So whenever you try to open EMC from an existing Exchange admin profile you will get the same error.
Resolution:
Navigate to the following folder and delete the Exchange Management Console file.
In an environment where one DC exist after adding Windows 2012 R2 Servers as additional servers, Exchange 2007 doesn’t show the new servers although they also hold GC.
Research:
To locate the problem you should search the event ID (2080) which shows the populated DCs and the permissions allowed on Exchange servers
In the below screenshot, the SACL right was not provided to the new DCs due to GPO problem.
After checking sites, Replication, all is healthy and no issue with it.
3 servers (Two 2012 servers) and one DC 2003 Server
Exchange 2010 SP3 servers.
Reason:
The Default Domain Controllers Policy was not linked to the Domain Controllers OU.
Resolution:
After Linking the Domain Controllers OU to the Default Controllers policy, the SACL permission was provided without any issue.
Now Exchange is reporting healthy and can read the new DCs which allow us to demote the old DCs
Creating FTP over SSL secure server using Filezilla with Pfsense
1- First step would be by creating the groups/users you want to create.
Second click settings and go to Passive Mode settings and configure it as below, where your Public IP needs to be of the firewall that NATs the connection.
Make sure that the FTP server’s Public IP reflects the Firewall IP that you’re configuring the FTP connection on.
2- Now it’s time to configure the SSL/TLS settings
You first need to Generate a certificate in order for the connection to be secured and data to be encrypted. you can do that through the FileZilla server app it self too as you can see in the snapshot there’s an option where you can do that.
Just click Generate new certificate, fill in the information.. you can randomize it if you want just type in anything and click ok when finished and select the option according to the snapshot.
3- Firewall configuration:
In my case I’m using Open source software firewall which to be honest doesn’t vary that much from hardware firewall since they are all web based.
I’ll configure two NAT rules enabling FTP secured standard port which is (990) in my case to avoid attackers who usually target port 21. And enable FTP data port range for data exchanging between server and client which in this case needs to be a big range in order to not slow down the connection and for client to be able to open more than socket in case of big amount of data transferring.
First rule will enable incoming connection from any source to the internal LAN IP which host the FTP server on port 990 to establish the FTP secure connection.
Second rule will enable incoming connection from any source to the FTP server on LAN on data range port from 50000 to 51000.
In the destination IP , you need to set the WAN IP address which you have specified earlier in FTP Server’s Passive mode settings.
Make sure when you setup your client you set the transfer mode to passive. and here’s the result:
For File Sharing Server over HTTP you can use HFS application