On Windows, the connection capture component required for transparent FTP tunneling has to be separately selected during installation. For installation instructions, see Installing on Windows .
The transparent FTP tunnels are defined in the Connection Broker configuration with the filter rules. After that, transparent FTP tunneling is automatically active whenever the Connection Broker is running. The default settings for transparent FTP tunneling will use the user name and the host name from the FTP application.
An example of the filter rule configuration for transparent FTP tunneling on Windows is shown in Figure 5.6.
With this configuration, all FTP connections using Windows ftp.exe to port 21 will be tunneled to the destination host defined by the originating FTP application. The connection is made with the user name received from the originating FTP application, and to the destination host defined by the application. Falling back to plaintext mode is not allowed.
To enable falling back to plaintext FTP if the secure tunnel cannot be created, select the Fall back to direct connection if secure connection fails check box.
You can also use a connection profile to define the target server for transparent FTP tunneling. Notice that connection profiles that are used with transparent FTP tunneling must not include a specific user name. In the profile settings, choose setting Prompt user for the user name or User current Windows user name. The first setting requires that the user is present and initiates authentication manually every time an FTP tunnel is requested. See the configuration description in Defining Connection Profiles.
If you define a connection profile that uses the concurrent (Windows) user name, clear the Use user name from the application check box. The user name defined by the application will override any user names set in the profile.