< Home

ftp

Function

The ftp command connects the FTP client to the FTP server and enters the FTP client view.

Format

# Connect the FTP client to the FTP server based on the IPv4 address.

ftp [ [ ssl-policy policy-name ] [ -a source-ip-address | -i interface-type interface-number ] host-ip [ port-number ] [ public-net | vpn-instance vpn-instance-name ] ]

# Connect the FTP client to the FTP server based on the IPv6 address.

ftp [ ssl-policy policy-name ] ipv6 host-ipv6 [ port-number ]

ftp [ ssl-policy policy-name ] ipv6 ipv6-linklocal-address -oi { interface-name | interface-type interface-number } [ port-number ]

Parameters

Parameter

Description

Value
ssl-policy policy-name

Specifies the name of the SSL policy that provides the secure FTP function.

The value is a string of 1 to 23 case-insensitive characters without spaces.
-a source-ip-address

Specifies the source IP address for connecting to the FTP client. You are advised to use the loopback interface IP address.

The value is in dotted decimal notation.
-i interface-type interface-number

Specifies the source interface type and ID. You are advised to use the loopback interface.

The IP address configured for this interface is the source IP address for sending packets. If no IP address is configured for the source interface, the FTP connection cannot be set up.

 -
host-ip

Specifies the IP address or host name of the remote IPv4 FTP server.

The value is a string of 1 to 255 case-insensitive characters without spaces.

When double quotation marks are used around the string, spaces are allowed in the string.
port-number

Specifies the port number of the FTP server.

 The value is an integer that ranges from 1 to 65535. The default value is the standard port number 21.
public-net

Specifies the FTP server on the public network.

You must set the public-net parameter when the FTP server IP address is a public network IP address.

-
vpn-instance vpn-instance-name

Specifies the name of the VPN instance where the FTP server is located.

 The value must be an existing VPN instance name.
host-ipv6 Specifies the IP address or host name of the remote IPv6 FTP server.

The value is a string of 1 to 255 case-insensitive characters without spaces.

When double quotation marks are used around the string, spaces are allowed in the string.
ipv6-linklocal-address

Specifies the local link address that is automatically generated by the remote IPv6 FTP server.

-
-oi

Specifies the outbound interface for the local IPv6 link address.

-
interface-name

Specifies the name of the outbound interface for the local IPv6 link address.

-
interface-typeinterface-number

Specifies the number of the outbound interface for the local IPv6 link address.

-

Views

User view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

Before accessing the FTP server on the FTP client, you must first run the ftp command to connect the FTP client to the FTP server. To set up a secure FTP connection based on the SSL protocol between the FTP client and server, you must set the ssl-policy parameter.

Precautions

  • Before running the ftp command to set up a secure FTP connection, you must perform the following steps on the FTP client:

    1. In the system view, run the ssl policy command to create an SSL policy and enter the SSL policy view.

    2. In the SSL policy view, run the trusted-ca load command to load a trusted CA.

    3. In the SSL policy view, run the crl load command to load a CRL. This step is optional but recommended.

  • You can set the source IP address to the source or destination IP address in the ACL rule when the -a or -i parameter is specified on the IPv4 network. This shields the IP address differences and interface status impact, filters incoming and outgoing packets, and implements security authentication.
  • You can run the set net-manager vpn-instance command to configure the NMS management VPN instance before running the open command to connect the FTP client and server.

    • If public-net or vpn-instance is not specified, the FTP client accesses the FTP server in the VPN instance managed by the NMS.

    • If public-net is specified, the FTP client accesses the FTP server on the public network.

    • If vpn-instance vpn-instance-name is specified, the FTP client accesses the FTP server in a specified VPN instance.

  • If no parameter is set in the ftp command, only the FTP view is displayed, and no connection is set up between the FTP server and client.
  • If the port number that the FTP server uses is non-standard, you must specify a standard port number; otherwise, the FTP server and client cannot be connected.
  • When you run the ftp command, the system prompts you to enter the user name and password for logging in to the FTP server. You can log in to the FTP server if the user name and password are correct.
  • If the number of login users exceeds the maximum value that the FTP server allows (that is, 5), other authorized users cannot log in to the FTP server. To allow news authorized users to log in to the FTP server, users who have performed FTP services must disconnect their clients from the FTP server. You can run the bye or quit command to disconnect the FTP client from the FTP server and return to the user view, or run the close or disconnect command to disconnect the FTP client from the FTP server and retain in the FTP client view.

Example

# Connect to the FTP server whose IP address is 10.137.217.201.

<HUAWEI> ftp 10.137.217.201
Trying 10.137.217.201 ...
Press CTRL+K to abort
Connected to 10.137.217.201.
220 FTP service ready.
User(10.137.217.201:(none)):huawei
331 Password required for huawei.
Enter password:
230 User logged in. 

[ftp]
# Connect to the remote IPv6 FTP server whose address is fc00:2001:db8::1.
<HUAWEI> ftp ipv6 fc00:2001:db8::1
Trying fc00:2001:db8::1
Press CTRL+K to abort
Connected to ftp fc00:2001:db8::1
220 FTP service ready.
User(fc00:2001:db8::1:(none)):huawei
331 Password required for huawei
Enter Password:
230 User logged in.
[ftp]

# Connect to the FTPS server whose IP address is 10.1.1.2.

<HUAWEI> ftp ssl-policy ftp_server 10.1.1.2
Trying 10.1.1.2 ...
Press CTRL+K to abort
Connected to 10.1.1.2.
220 FTP service ready.
234 AUTH command successfully, Security mechanism accepted.
200 PBSZ is ok.
200 Data channel security level is changed to private.
User(10.1.1.2:(none)):huawei
331 Password required for huawei.
Enter password:
230 User logged in.

[ftp]
Parent Topic: File Management Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >