How to configure ports for SFTP for eHealth remote poller

Document ID : KB000023396
Last Modified Date : 14/02/2018
Show Technical Document Details

Question:

How to configure ports for SFTP for eHealth remote poller

 

Answer:

These are questions about how to configure SFTP, and how specific firewall configuration parameters need to be setup to allow the protocol to work. CA eHealth support cannot answer questions about how to setup firewalls, because we do not support the firewall software, and we do not know the details of the DMZ that is set up.  Furthermore, the SFTP server products that are used by the eHealth remote poller are produced by another vendor.

 

eHealth uses the standard SFTP products for eHealth 6.2.X and 6.3.0:

 

To use secure FTP for UNIX, you must install and configure one of the following:

 

SunSSH Release 1.2 - Solaris only
OpenSSH Release 3.8
SSH Tectia Server Release 4.4.6

To use secure FTP for Windows, you must install and configure one of the following versions of SSH on your Windows systems:

SSH Secure Shell for Workstations Release 4.4.6
SSH Secure Shell for Windows Servers Release 4.4.6
OpenSSH Secure Shell for Windows Servers Release 3.8SSH Tectia Server (formerly SSH Secure Shell) is a product of SSH Communications Security Corp.

 

If you do not have the correct version of SSH, you can obtain it from the SSH Communications Security Web site at  http://www.ssh.com.

 

The above listed software handles communications for eHealth. If there are questions about how this software works, please contact the software vendor for more information.

 

 You can test the connection with the steps in this section (taken from the CA eHealth Remote Poller Guide):

 

Testing the Secure FTP Connection

Test the secure FTP connection between the central site and the remote polling sites to make sure that the sites will not prompt you for a user name or password.

To test the secure FTP connection

 

1. From the central site command prompt, do the following:

 

For Tectia SSH, enter the following at the command line:

 

sftp2 nhuser@hostname

 

For SunSSH or OpenSSH, enter the following at the command line:

 

SFTP nhuser@hostname

 

where username is your FTP username and hostname is the name of the remote polling site system.

 

The central site connects to the remote polling site without requiring you to enter a user name or password. If you are prompted for a user name or password, the encryption authentication is not set up correctly. Verify that you have correctly completed the steps in the previous sections, Configuring the Remote Sites for Secure FTP (see page 21) and Copying Authentication Keys from the Central SIte to the Remote Sites (see page 24). Do not attempt to run the nhRemotePollerSetup command until you have verified that you have set up secure FTP correctly for each remote polling site.

 

2. Repeat Step 1 to test the secure FTP connection for each remote polling site.