Configuring a Remote Transfer Node for Faspex

Faspex communicates with a transfer server product (IBM Aspera Enterprise Server or IBM Aspera Connect Server) using the Node API, a daemon on the transfer server that offers REST-inspired file operations and a transfer management API. A local, remote, or cloud system installed with a transfer server is called an Aspera node. Faspex can access a local node or a transfer node remotely via the Node API.

The following instruction assume you have already installed Enterprise Server with a Connect Server license on the remote server.

Important: All steps must be performed as the Admin.

Create the system user faspex.
The faspex user authenticates the actual ascp transfer and must be an operating system account.
To create a new system user "faspex" on your Windows system, go to Start > Control Panel > User Accounts. Click Manage another account. Click Create a new account. Name the user faspex. Select Standard user.
Create and configure the faspex_packages directory.
Create the following directory:
```
> cd C:\
> mkdir faspex_packages
```
Configure aspera.conf using the asconfigurator command.
- Set the Faspex package directory as the faspex user's docroot in aspera.conf:
```
asconfigurator -x "set_user_data;user_name,faspex;absolute,C:\faspex_packages"
```
- Set the server hostname with your server's IP address or domain name:
```
asconfigurator -x "set_server_data;server_name,hostname_or_IP"
```
  For example, if your IP address is 198.51.100.24, run the following command:
```
asconfigurator -x "set_server_data;server_name,198.51.100.24"
```
- Set an encryption key:
```
asconfigurator -x "set_user_data;user_name,faspex;token_encryption_key,encryption_key"
```
  For example:
```
asconfigurator -x "set_user_data;user_name,faspex;token_encryption_key,de905198-73b7-4f3c-b125-ffd76f29dc4d"
```
- Configure file and directory create modes. These create modes determine the permissions given the files and directories created on the node. Aspera recommends using the values in the following commands:
```
asconfigurator -x "set_node_data;file_create_mode,770"
asconfigurator -x "set_user_data;user_name,faspex;file_create_mode,660"
asconfigurator -x "set_user_data;user_name,faspex;directory_create_mode,770"
```
Enable HTTP and HTTPS fallback.
The fallback settings on the node must match the fallback settings on Faspex. If the settings don't match, Faspex returns a "Package creation failed" error. Set the HTTP and HTTPS ports to the ports you configured in Faspex. For more information about HTTP fallback, see Configuring HTTP and HTTPS Fallback
```
asconfigurator -x "set_http_server_data;enable_http,true"
asconfigurator -x "set_http_server_data;http_port,8080"
asconfigurator -x "set_http_server_data;enable_https,true"
asconfigurator -x "set_http_server_data;https_port,8443"
```
Restart the asperahttpd service. Go to Start Menu > Control Panel > Administrative Tools > Services. Right-click the Aspera HTTPD service and select Restart.
After modifying aspera.conf, restart Aspera Central and Aspera NodeD services.
You can restart these services from the Windows Computer Management window, accessible from Manage > Services and Applications > Services. Right-click the service and select Restart from the menu.

Run the following command to validate your aspera.conf file:

> C:\Program Files (x86)\Aspera\Enterprise Server\bin\asuserdata -v

Add a node user associated with the system user.
Faspex authenticates to the node machine using a Node API username and password. The following command creates a Node API user and password and associates it with the system user you created.
```
> C:\Program Files (x86)\Aspera\Enterprise Server\bin\asnodeadmin.exe -a -u node_username -p node_password -x faspex
```
For example:
```
> C:\Program Files (x86)\Aspera\Enterprise Server\bin\asnodeadmin.exe -a -u faspex_node_user -p ********* -x faspex
```
Adding, modifying, or deleting a node-user triggers automatic reloading of the user database and the node's configuration and license files.

Verify that you correctly added the node user.

> C:\Program Files (x86)\Aspera\Enterprise Server\bin\ asnodeadmin.exe -l

The output from the example in the previous step should look like the following:

                user       system/transfer user                    acls
====================    =======================    ====================
    node_faspex_user                     faspex    []

Verify you have installed a valid license on your transfer server. Run the ascp -A command and review the enabled settings list. For example:
```
Enabled settings: connect, mobile, cargo, node, proxy, http_fallback_server, 
group_configuration, shared_endpoints, desktop_gui
```
If the list includes connect and http_fallback_server, you have a Faspex-enabled server license. If you do not see those settings, follow the instructions in the Updating the Product License topic in the Enterprise Server Admin Guide.
Note: If you updated your transfer server license, you must restart the asperanoded service afterwards. Go to Start Menu > Control Panel > Administrative Tools > Services. Right-click the Aspera NodeD service and select Restart.
Install the IBM Aspera Connect Browser Plug-in key.

First, locate your Connect Browser Plug-In key in the following location:

C:\Program Files (x86)\Aspera\Enterprise Server\var\aspera_id_dsa.pub
Then, run the following commands in a terminal window to create a .ssh folder (if it does not already exist) in the faspex user's home directory:
```
> cd "C:\Documents and Settings\faspex"
> mkdir .ssh
```
Use a text editor to create or edit the following file:
C:\Documents and Settings\faspex\.ssh\authorized_keys
Add the faspex user's key string into this file and save it.
Note: Make sure the authorized_keys file has no file extension. Some text editors add a .txt extension to the filename automatically. Be sure to remove the extension if it was added to the filename.

The remote transfer node is now configured to work with Faspex. If you have not yet installed Faspex, see Installing Faspex with a Local Node. Otherwise, for instructions on adding this node to Faspex, see Configuring a Remote Server in Faspex.