Configuring Transfer Hostnames for Faspex and Shares
IBM Aspera Faspex and IBM Aspera Shares are web applications that give a friendly web interface for end-users to transfer data at high speeds.
Faspex and Shares are customer-managed and can be installed and configured in on-premise data centers or in a customer’s public cloud environment.
While these applications provide a user interface, they still rely on IBM Aspera High-Speed Transfer Server (HSTS) underneath to perform the actual data transfer. In some cases, the HSTS will be directly available over the public internet by end-users. In other scenarios, there may be a reverse proxy, such as IBM Aspera Proxy, a network load balancer, or other components in between the end-user and the HSTS host.
This article will describe how to configure the hostname/FQDN that end users will connect to.
Log in to the Faspex web interface as an administrator. Click on the Server tab, then choose File Storage. The configured HSTS server will be listed – click the down arrow then choose Edit.
On the next screen, expand the Advanced Configuration section at the bottom and configure:
- Primary transfer address or name: this is the FQDN that an end user’s Aspera Connect client will connect to. This should resolve to the IP address of the end-user facing component. In many cases this will be the HSTS server itself. It could be a public IP that is translated to the private address of the HSTS server. If you’re running Aspera Proxy in front of your HSTS, this will point to the Proxy instead.
- Enable secondary address / Secondary address or name: this is an optional secondary address that can be used for some users. For example, if external users will connect to a public DNS/IP, but internal users are required to connect to an internal DNS/IP.
- Use if requester’s address matches: criteria for enabling the secondary address based on the end user’s IP address. For example, specify 10.221.0.* if internal users are on that subnet.
- Use if browser hostname matches: criteria for enabling the secondary address based on the end user accessing the Faspex web UI through a specific hostname.
Shares can be configured against multiple transfer servers in any location. Accordingly, the configuration will lie at the HSTS server instead of inside the Shares app.
In your Aspera.conf file, located at /opt/aspera/etc/aspera.conf for Linux installations, the <server_name> directive inside of the <server> section defines where Connect clients will attempt to connect to for transfers to and from this server. This address should be resolvable by all end users and point to the appropriate resource – either the HSTS itself, a NAT address that translates to the HSTS, a Proxy server, load balancer, or whatever faces the end user.
For deployments where internal and external users need to connect to different IP addresses, this will require a split-DNS configuration where a single FQDN will resolve to the appropriate address based on the source of the request.
Use the asconfigurator command on HSTS to change this setting, and be sure to restart the asperanoded service to ensure that it takes effect:
# /opt/aspera/bin/asconfigurator -x “set_server_data;server_name,shares.pacgenesis.com”
# systemctl restart asperanoded