Azure getting started with 3.0
Introduction
SFTP Gateway is a pre-configured SFTP server that transfers files to Azure Blob storage.
Version 3 lets you read and write directly to Blob storage, using the SFTP protocol. This version also includes a folder management feature for configuring sharing scenarios such as multi-user read/write to the same Blob storage location.
To start, you provision SFTP Gateway from the Azure Marketplace. This takes you to the VM creation wizard in the Azure Portal. Here, you configure VM settings such as the VM size, and Network Security Group rules to open up SFTP access while restricting ports reserved for admin use.
Subscribe
You first need to subscribe to the SFTP Gateway product. Doing so allows your Azure account to provision the SFTP Gateway VM offer.
Navigate to the SFTP Gateway product on the Azure marketplace
Click the Get it now button.
Click the Continue button.
It will now ask you if you want to create a VM or if you want to start with a pre-set configuration:
If you choose to create a VM, it will bring you to this page:
If you choose to createa pre-set configuration it will bring you to this page
Creating the VM
You will be redirected to the Create a virtual machine wizard.
Go through the Create a virtual machine wizard
On the Basics tab, fill out the following information:
- Resource Group: Click Create New and enter a name. Or, select an existing one from the drop-down menu.
- Virtual machine name: Enter a name for your VM.
- Size: For testing purposes, you can use B1ms. For production, we recommend one of the D sizes.
- Authentication type: Select SSH public key authentication.
- Username: Enter a username, such as centos.
- SSH public key: Paste in a public key in which you have access to the private key.
- Public inbound ports: Keep this at the default, which is to allow Port 22. You will later configure advanced options on the Networking tab.
The form looks like this:
Click on the Networking tab, and configure the following options:
- Virtual network, Subnet, Public IP: These should auto-populate based on information you provided earlier.
- NIC network security: Select Advanced
- Configure network security group: Click Create new
Configure inbound rules on the network security group.
This is where you grant your IP address access to ports 22, 2222, 80, and 443.
In the Create network security group window to the right, click on the existing Inbound rule 1000: default-allow-ssh.
Then edit the following fields:
- Source: Change this from Any to IP Addresses
- Source IP addresses/CIDR ranges: Paste in your IP address, followed by /32 to specify a range of a single IP. Note: You can get your current IP address from http://checkip.dyndns.org
- Destination port ranges: Change this from "22" to "22,2222,80,443"
- Priority: Change this to 1001. Otherwise it won't save.
Click Save
Click OK at the bottom to close the Create network security group window.
Click the Review + create tab on the top
It will take a few moments to validate. You should see "Validation passed" in green. Otherwise, go back and address any issues.
Review your information and click Create on the bottom.
It will take a few minutes to provision your VM.
Once complete, you should see your Resource Group with the following resources:
- Virtual machine: This is the SFTP Gateway server.
- Public IP address: When you stop the VM, you will be given the option to reserve the IP address. Make sure you do so.
- Storage account: This contains diagnostic information for your VM.
- Network security group: This acts as a firewall for the VM.
Access the Admin Interface
To access SFTP Gateway admin interface, go to the output tab of the stack in your Azure VM portal and copy the Public IP address value (Fig-1).
Fig-1
Paste the URL in the address bar of your browser.
The next step is to go through the First Launch Experience to create your first web admin account.