IBM Aspera Faspex is a popular self-managed web application that provides a user-friendly package sending interface for high-speed transfers with Aspera. Faspex is currently in the 5.x generation, a major overhaul of the application with a modern interface and new features.
Some customers are still running the previous 4.x generation of Faspex and are looking to shift the web experience to Aspera on Cloud (AoC), the hybrid SaaS option that provides an IBM-managed front end to both SaaS and self-managed High-Speed Transfer Server (HSTS) nodes in the public cloud or on-premise.
For customers running Faspex 4.x and HSTS on the same host, this article will describe a configuration to help with that transition.
Faspex 4.x and HSTS running on the same host was a supported configuration. Typically, the HSTS Node API only needs to be exposed to the Faspex application itself. It can communicate on that default port tcp/9092 on localhost:
When transitioning to AoC, we need to export Node API on tcp/443.
We will add a new DNS record pointing at the same host, then add an Apache httpd configuration to forward traffic coming into that hostname to Node API on tcp/9092, leaving the existing Faspex traffic untouched.
Faspex 4.x bundles a version of Apache httpd, so there are no additional components to install.
In this example, our Faspex 4 server has a DNS record of faspex4.example.com, and we have added a new DNS record of node.example.com pointing at the same host.
Create a new file at /opt/aspera/common/apache/custom/node.conf with these contents:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName node.example.com
# SSL Configuration
SSLEngine on
SSLCertificateFile /opt/aspera/common/apache/conf/nodeserver.crt
SSLCertificateKeyFile /opt/aspera/common/apache/conf/nodeserver.key
SSLCertificateChainFile /opt/aspera/common/apache/conf/server-ca.crt
# Reverse Proxy Configuration
ProxyRequests Off
ProxyPreserveHost On
# Forward requests to the backend HTTPS server
ProxyPass / http://127.0.0.1:9091/
ProxyPassReverse / http://127.0.0.1:9091/
CustomLog “|/opt/aspera/common/apache/bin/asrotatelogs /opt/aspera/common/apache/logs/node_access_log 10M 10” common
ErrorLog “|/opt/aspera/common/apache/bin/asrotatelogs /opt/aspera/common/apache/logs/node_error_log 10M 10”
</VirtualHost>
</IfModule>
Be sure to change the ServerName to match your new DNS record and that the SSL lines point to the certificate and key that matches.
Run asctl apache:restart to apply the changes.
In this new configuration, existing traffic to faspex4.example.com will continue to flow normally, and you can proceed with configuring your HSTS Node in AoC using your new node.example.com address.
PacGenesis has a team of expert engineers and consultants that can assist with this configuration. Attaching a node to AoC requires additional steps on both the HSTS side and AoC. Please reach out to sales@pacgenesis.com to discuss options and how our team can help.
Microsoft 365 Phishing Is No Longer Just a Password Problem. It's a Cloud Workflow Security…
A new bipartisan House bill is moving through Congress that would fundamentally change how the…
Executive Summary: IBM Aspera and MASV are both high-speed file transfer platforms, but they're built…
Executive Summary: The UK Cyber Security and Resilience Bill (CSRB) is the most significant overhaul…
Share files of any size with partners, vendors, and global teams in minutes, not hours.…
Enterprise file transfer used to be a simple problem. Move a file from point A…