Proxy Server Setup

How to set up Aspera Proxy Server by editing aspera.conf.

Print this page

PREREQUISITE: Ensure that you meet the requirements listed in the topic "Proxy Server Requirements" before proceeding.

Aspera Proxy Server is included with your installation of Aspera Enterprise/Connect Server (although you must have a proxy-enabled license).

  1. Enable <enable_http> and/or <enable_https> within aspera.conf.

    In aspera.conf's <server /> section, you must set <enable_http> and/or <enable_https> to true, which enables HTTP and/or HTTPS for the Node API services. To do so, open aspera.conf, which is located in the following directory:

    /opt/aspera/etc/aspera.conf

    Go to the <server /> section and set the <enable_http> and/or <enable_https> options to true. 

    <server>
  ...
    <enable_http>            <!-- true | false -->
        true
    </enable_http>
    <enable_https>           <!-- true | false -->
        true
    </enable_https>
  ...
</server>

    To view all <server /> section options and their descriptions, please refer to the topic "aspera.conf for Nodes." Keep aspera.conf open for the next step.

  2. Add the <proxy /> section to aspera.conf.

    Assuming that you still have aspera.conf open for editing, copy and paste the following <proxy/> section into the configuration file's <server/> section:

    <server>
  ...
    <proxy>        
      <enabled>true</enabled>         <!-- Proxy server is enabled -->        
    </proxy>
  ...
</server>

    Within the <proxy/> section, we have set the <enabled> option to true. This is the only option that you are required to set in order to begin using the Aspera Proxy Server; however, you may need to change the other <proxy/> settings based on your unique network configuration.

  3. Update additional proxy settings, as needed.

    To view all proxy-related configuration options, run the following command (from Enterprise Server's bin directory) in a terminal:

    $ /opt/aspera/bin/asuserdata -s

    NOTE: The asuserdata -s command displays the specifications for the server setup. The values displayed are default values, not the currently-set values.

    After running this command, scroll down to the <!-- Server Options Spec --> section. All configuration options for the Aspera proxy server are displayed here.

    <server>
  ...
    <proxy>        
      <enabled>true</enabled>                         <!-- Proxy enabled: true|false -->        
      <authentication>true</authentication>           <!-- Proxy authentication: true|false -->
      <bind_ip_address>0.0.0.0</bind_ip_address>      <!-- Proxy IP address: IP address -->        
      <bind_ip_netmask></bind_ip_netmask>               <!-- Proxy IP netmask: blank by default -->        
      <port_range_low>5000</port_range_low>           <!-- Proxy port range lower bound: integer -->        
      <port_range_high>10000</port_range_high>        <!-- Proxy port range upper ound: integer -->         
      <cleanup_interval>1800</cleanup_interval>       <!-- Proxy clean-up interval: integer -->        
      <keepalive_interval>7200</keepalive_interval>   <!-- Proxy keep-alive interval: integer -->         
      <session_timeout>60</session_timeout>           <!-- Proxy session timeout: integer -->    
    </proxy>
</server>

    Setting Description Default Value
    Enabled Disable or enable the proxy server. Must be set to true to turn on the service. false
    Authentication Disable or enable the authentication requirement for the proxy server. false
    Bind IP Address The IP address that the proxy server binds to (also the IP address that the client connects to). 0.0.0.0
    Bind IP Netmask The netmask that the proxy server binds to (also the netmask that the client connects to). blank (null)
    Port Range Low The lower bound of the port range. Ensure that the firewall allows the port you specify. 5000
    Port Range High The upper bound of the port range. Ensure that the firewall allows the port you specify. 10000
    Cleanup Interval The interval at which the proxy server scans and cleans up expired sessions. 1800 seconds (30 minutes)
    Session Timeout An ascp session times out if no keep-alive updates have been received for this period of time (seconds). 7200 seconds (2 hours)
    Keep-alive Interval The interval at which an ascp client sends keep-alive requests. This option is propagated to the client. 60 seconds (1 minute)
  4. Restart the node service.

    After modifying aspera.conf, save it and restart the node service with the following command:

    $  /etc/init.d/asperanoded stop
$  /etc/init.d/asperanoded start

    If you receive the following error when attempting to start the node service, check to see if "iptables" is installed on your machine:

    ERR Failed to initialize proxy service

    If "iptables" is not installed, issue the following command (based on your Linux distribution):

    Linux Distribution Command
    Fedora-based Linux 
    $  yum install iptables
    Debian-based Linux 
    $  apt-get install iptables
  5. Check log entries for start-up.
    If you check the log entries upon service startup, the only entries that should be displayed are those shown below.
    LOG proxy service ready (port range 5000-10000)
LOG Started on port(s) 9091,9092s ...

    The port range (lower and upper bounds) can be modified by changing the <port_range_low> and <port_range_high> options in the <proxy/> section of aspera.conf; whereas, the default node service ports (9091 and 9092) can be modified by changing the <http_port> and <https_port> options in the <server/> section. For details on port options and other <server/> section options, please refer to the topic aspera.conf for Nodes.