1 Introduction

Progress MOVEit provides secure file transfers of sensitive data to meet regulatory compliance for every organization. With advanced management, automation, flexible deployment options, reporting, and simple API integrations, Progress MOVEit is the secure file transfer of choice.

The LoadMaster delivers an exceptional, cost effective, and easy to use solution which, by employing intelligent server health checking, High Availability (HA) and load balancing to provides an always-on application experience for MOVEit Transfer.

1.1 Document Purpose

This document provides the recommended LoadMaster settings used when providing load balancing for MOVEit Transfer. The Progress Kemp Support team is available to provide solutions for scenarios not explicitly defined. The Progress Kemp Support site can be found at: https://support.kemptechnologies.com.

1.2 Intended Audience

This document is intended to be read by anyone who is interested in configuring the LoadMaster to optimize Progress MOVEit Transfer.

2 Template

Progress Kemp has developed a template containing our recommended settings for this workload. You can install this template to help create Virtual Services (VSs) because it automatically populates the settings. You can use the template to easily create the required VSs with the recommended settings. For some workloads, additional manual steps may be required such as assigning a certificate or applying port following. These steps are covered in the document, if needed.

You can remove templates after use and this will not affect deployed services. If needed, you can make changes to any of the VS settings after using the template.

Download released templates from the following page: LoadMaster Templates.

For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description.

3 Architecture

Progress MOVEit Transfer deployments consist of two or more secure file transfer servers and a load balancer to provide the needed high availability, health checking, and distribution of traffic.

4 Configure the LoadMaster

Refer to the sections below for details on some recommended global settings.

4.1 Disable Server NAT Globally

Layer 4 load balancing requires that the MOVEit servers point their default gateway to the load balancer to avoid any asymmetrical routing. In a single LoadMaster deployment this would be the interface IP address of the load balancer and in a HA pair configuration, this would be the shared IP address.

Because all egress traffic will be sent out of the load balancer, Server NAT should be disabled globally to not interfere with required connectivity to other services. This setting should be disabled with caution should there be other workloads published on the same load balancer.

To disable Server NAT (SNAT) globally, follow the steps below:

1. In the main menu of the LoadMaster User Interface (UI), go to System Configuration > Miscellaneous Options > Network Options.

2. Deselect the Enable Server NAT check box.

5 Virtual Services

MOVEit Transfer supports several secure protocols that can be load balanced and failover automatically in the event of a server going offline.

This step-by-step setup of Virtual Services (VSs) leverages the Progress Kemp application template for MOVEit Transfer. This template configures the Virtual Services to leverage Layer 4 and/or Layer 7 transparency for the TCP services such as HTTPS, SFTP, and FTPS. This approach will allow the real servers to see the source IP address of the devices running in the infrastructure.

The table in each section outlines the settings configured by the application template. You can use this information to manually configure Virtual Services or use the LoadMaster Application Programming Interface (API) and automation tools.

5.1 Create the MOVEit Transfer HTTPS Virtual Service

The following are the steps involved and the recommended settings to configure the MOVEit Transfer HTTPS Virtual Service.

1. In the main menu of the LoadMaster User Interface (UI), go to Virtual Services > Add New.

   

2. Type a valid Virtual Address.

3. Select the MOVEit-Transfer-HTTPS template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Type the Real Server Address.

8. Click Add This Real Server.

9. Repeat these steps to add more Real Servers as needed.

5.1.1 MOVEit Transfer HTTPS Virtual Service Recommended Settings (optional)

This table outlines the recommended settings set using the Progress Kemp application template. You can use the API parameters and values with scripts and automation tools.

API Parameter	API Value	WUI Field Name	WUI Field Value
port	443	Port	443
prot	tcp	Protocol	tcp
VStype	http	Service Type	HTTP-HTTP/2-HTTPS
Transparent	1	Transparency	Enabled
Schedule	lc	Scheduling Method	least connection
CheckType	tcp	Real Server Check Method	TCP Connection Only
CheckPort	443	Checked Port	443

It is optional to add a HTTP redirector Virtual Service. Whether you require one or not depends on your environment.

5.2 Create the MOVEit SFTP Virtual Services

The following are the steps involved and the recommended settings to configure the MOVEit Transfer SFTP Virtual Service:

1. In the main menu of the LoadMaster UI, go to Virtual Services > Add New.

   

2. Type a valid Virtual Address.

3. Select the MOVEit-Transfer-SFTP template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Type the Real Server Address.

8. Click Add This Real Server.

9. Repeat these steps to add more Real Servers as needed.

5.2.1 MOVEit Transfer SFTP Virtual Service Recommended Settings (optional)

This table outlines the recommended settings set using the Progress Kemp application template. You can use the API parameters and values with scripts and automation tools.

API Parameter	API Value	WUI Field Name	WUI Field Value
port	22	Port	22
prot	tcp	Protocol	tcp
VStype	gen	Service Type	Generic
Transparent	1	Transparency	Enabled
Schedule	lc	Scheduling Method	least connection
CheckType	tcp	Real Server Check Method	TCP Connection Only
CheckPort	22	Checked Port	22

5.3 Create the MOVEit FTPS Virtual Services

The following are the steps involved and the recommended settings to configure the MOVEit Transfer FTPS Virtual Service:

1. In the main menu of the LoadMaster UI, go to Virtual Services > Add New.

   

2. Type a valid Virtual Address.

3. Select the MOVEit-Transfer-FTPS template in the Use Template drop-down list.

4. Click Add this Virtual Service.

5. Expand the Real Servers section.

6. Click Add New.

7. Type the Real Server Address.

8. Click Add This Real Server.

9. Repeat these steps to add more Real Servers as needed.

5.3.1 MOVEit Transfer FTPS Virtual Service Recommended Settings (optional)

This table outlines the recommended settings set using the Progress Kemp application template. You can use the API parameters and values with scripts and automation tools.

API Parameter	API Value	WUI Field Name	WUI Field Value
port	21	Port	21
prot	tcp	Protocol	tcp
VStype	gen	Service Type	Generic
Transparent	1	Transparency	Enabled
ServerInit	3	Server Initiating Protocols	Other Server Initiating
ExtraPorts	990,10021,10990,3000-3100	Extra Ports	990,10021,10990,3000-3100
Schedule	lc	Scheduling Method	least connection
Persist	src	Persistence Options	Source IP Address
PersistTimeout	300	Timeout	5 Minutes
CheckType	tcp	Real Server Check Method	TCP Connection Only
CheckPort	21	Checked Port	21

Last Updated Date

This document was last updated on 28 February 2023.