GoAnywhere MFT Install

Guide
Version 6.0.3
 Copyright Terms and Conditions

The content in this document is protected by the Copyright Laws of the United States of America and other countries worldwide. The
unauthorized use and/or duplication of this material without express and written permission from HelpSystems is strictly prohibited.
Excerpts and links may be used, provided that full and clear credit is given to HelpSystems with appropriate and specific direction to the
original content. HelpSystems and its trademarks are properties of the HelpSystems group of companies. All other marks are property of
their respective owners.
201902140125
Table of Contents

Introduction 5 Installation in the DMZ 32

Administration 7 Changing the Java Virtual Machine (JRE) 33
Pre-Installation Notes 8 Using an External JRE 33
Port Number Usage 8 IBM i Java Requirements 34
Browser Compatibility 8 Installation in the Private Network 35
Installing GoAnywhere in a Virtual Installation with GoAnywhere Gateway 36
Environment 9
The Embedded GoAnywhere Database 38
Installation − Windows 10
Automatically Back up the Embedded
Requirements 10 Database (to Disk) 38
Installing GoAnywhere on Windows 10 Manually Backing Up the GoAnywhere
Database (to Disk) 39
Installation – Linux 12
Database Tuning 40
Requirements 12
Externalizing the GoAnywhere Database 41
Linux Installation Consideration 12
Switching the Database 41
Installing GoAnywhere on Linux 12
Troubleshooting Database Connection
Installation − UNIX, AIX, HP-UX, Solaris 14
Issues 41
Requirements 14
Database Schema Definition 42
Installing GoAnywhere 14
Backing Up the External Database 42
Installation – IBM i (iSeries) 16
Managing the Database Size 43
Requirements 16
Purging Audit Logs 43
Installing GoAnywhere on IBM i 17
Audit Log Exemptions 44
Installation – Mac OS X 22
Backing up GoAnywhere User Data 45
Requirements 22
IBM i Saving, Restoring, and Disaster
Installing GoAnywhere on Mac OS X 22 Recovery 45

Starting and Stopping GoAnywhere 23 Saving 45

Initial Configuration 25 Restoring 46

Customizing Installation Settings 28 Disaster Recovery (External Database) 47

Changing GoAnywhere Port Numbers 28 Replicating GoAnywhere User Data (for

High Availability) 48
Disabling HTTP or HTTPS Connectors 29
Clustering GoAnywhere 50
SSL (HTTPS) Configuration 30
Setting up the First System in the Cluster 51
Memory Allocation 30
Firewall Recommendations 31

page: 3 www.goanywhere.com GoAnywhere MFT Install Guide

 Table of Contents

Setting up Additional “Participant”

Systems in the Cluster 53
Troubleshooting Errors 54
Clustering Failover 55
Backups 56
GoAnywhere IBM i Commands 57
SFTP, OpenPGP, ZIP and Email Command
Shortcuts 58
Upgrading GoAnywhere 60
Uninstalling GoAnywhere 61
Windows uninstall instructions 61
Linux and UNIX uninstall instructions 61
IBM i uninstall instructions 61
Mac OS X uninstall instructions 62

GoAnywhere MFT Install Guide www.goanywhere.com page: 4

Introduction
GoAnywhere MFT is a Managed File Transfer solution which provides centralized control and
auditing of file transfers and workflows for the enterprise. With its comprehensive features and
intuitive interface, GoAnywhere MFT will reduce operational costs, improve the quality of data
transmissions and meet stringent compliance requirements.
Please note that GoAnywhere MFT will be referred to as simply “GoAnywhere” throughout this guide.

GoAnywhere General Features

l Runs on most platforms including Windows, Linux, VMware, UNIX, IBM i, Solaris and Mac OS.
l Includes a browser-based administrator interface with a customizable dashboard, advanced
graphical components and drag-n-drop support.
l Supports popular file transfer protocols including SFTP, SCP, FTP/s, HTTP/s, AS2, Web
Services, SMTP, POP3 and IMAP.
l Provides client components for connecting to internal and external systems for sending and
retrieving files.
l Provides server components to allow systems and users to connect to GoAnywhere for
uploading and downloading files.
l Protects files “at rest” and “in-motion” with FIPS 140-2 validated AES256 encryption.
l Logs all file transfer activity in a central database with an optional SYSLOG feed.
l Produces a wide variety of management and analytical reports.
l Provides Domain support to segment GoAnywhere into logical security zones.

GoAnywhere MFT Install Guide www.goanywhere.com page: 5

Introduction /

l Allows clustering for high availability (active-active) and load balancing.

l Controls user access with role-based permissions and extensive security controls.
l Includes key management tools for Open PGP Keys, SSH Keys and SSL Certificates.
l Works with the optional GoAnywhere Gateway to keep files out of the DMZ and close
inbound ports into the internal (private) network.

GoAnywhere can be used for a variety of file transfer needs including workflow automation, ad-
hoc file transfers and document collaboration. It can simplify system-to-system, user-to-system and
user-to-user file transfers.
Workflow Automation

l Provides a graphical interface for creating multi-step workflows; no scripting or programming

required.
l Includes an integrated scheduler for running workflows and file transfers at future
dates/times.
l Triggers workflows based on events, such as an upload/download event or the presence of a
new file in a folder.
l Provides APIs and commands for running workflows from customer applications and 3rd
party schedulers.
l Encrypts, signs, verifies and decrypts files using the Open PGP encryption standard.
l Accesses files and directories on network shares with support for UNC, NFS, SMB and CIFS.
l Connects to popular database servers including DB2, SQL Server, Oracle, Informix,
MySQL/MariaDB, and PostgreSQL.
l Translates data to/from Excel, XML, Delimited text and Fixed Width file formats.
l Calls customer programs and scripts as part of an overall workflow.
l Connects to enterprise messaging systems including Websphere MQ, SonicMQ, ActiveMQ
and SwiftMQ
l Compresses and extracts files using ZIP, GZIP and TAR standards.
l Supports large files with auto-resume and integrity checks to help guarantee delivery.
l Allows workflow jobs to be prioritized and segmented with job queues and run priorities.
l Sends email alerts and text messages for failed and completed transfers.

Ad-Hoc File Transfers and Collaboration

l Provides an HTTPS web-client for browser-based file transfers.

l Allows access to authorized network folders through the browser.
l Includes the GoDrive file system for collaboration, sharing and synchronizing documents
across devices.
l Provides delivery of sensitive messages and documents through email notifications with
secure HTTPS links.
l Integrates with Active Directory (AD), LDAP, IBM i, RADIUS, and SAML for user
authentication
l Allows self-registration of users with administrator approval.

page: 6 www.goanywhere.com GoAnywhere MFT Install Guide

 Introduction / Administration

Administration
Authorized users can utilize GoAnywhere's browser-based Administrator to perform configuration
and monitoring within the product.

GoAnywhere MFT Install Guide www.goanywhere.com page: 7

Pre-Installation Notes
Port Number Usage
Listed below are the default port numbers that will be used for GoAnywhere modules. These port
numbers can be overridden during the installation or at any time after the installation. You may
need to adjust your firewall settings or other access control software to allow connections on these
ports.

Port Number Description

8000 Administrator functions over HTTP
8001 Administrator functions over HTTPS
8005 Shutdown port for GoAnywhere
8006 Clustering communications channel (if enabled)
8009 Agent service
8010 Command communications channel for GoFast (if enabled)
443 HTTPS/AS2 service for trading partners
21 FTP service for trading partners
990 FTPS service for trading partners
22 SFTP service for trading partners

Browser Compatibility
The GoAnywhere Administrator and Web Client interface's require modern internet browsers that
support HTML 5. Popular browsers are supported including Internet Explorer*, Edge, Chrome,
Firefox and Safari. Please note that some HTML 5 advanced features, such as drag and drop, will
not work in older versions of browsers.
*GoAnywhere MFT supports Microsoft Internet Explorer 9, 10, and 11.

GoAnywhere MFT Install Guide www.goanywhere.com page: 8

Pre-Installation Notes / Installing GoAnywhere in a Virtual Environment

Installing GoAnywhere in a Virtual

Environment
GoAnywhere MFT can be installed in most virtual environments, including VMware, Microsoft
Azure, Amazon EC2, and more. When installing in a virtual environment, the MAC address on the
server where GoAnywhere is installed must be static. Your GoAnywhere MFT license will become
invalid if the MAC addresses changes, and a new license must be issued by contacting HelpSystems
Sales.

page: 9 www.goanywhere.com GoAnywhere MFT Install Guide

Installation − Windows
GoAnywhere can be installed onto a Windows server for enterprise usage. GoAnywhere can also
be installed onto Windows desktops or laptops, which is useful for individual development and
testing purposes. Both 32-bit and 64-bit versions of Windows are supported.
A Windows installation wizard is provided for GoAnywhere which installs the product files into the
directory of your choice. GoAnywhere will be implemented as a Windows Service which will
automatically start (by default) when Windows starts.

Requirements
Operating Systems Windows Server 2008 R2®
supported
Windows Server 2012®

Windows Server 2012 R2®

Windows Server 2016®

Windows Vista®

Windows 7®

Windows 8®

Windows 10®

Disk space 375 MB for product (does not include

user data)
Memory 512 MB minimum

Installing GoAnywhere on Windows

Perform the following steps to install the GoAnywhere product onto a Windows machine.

1. Login to the target Windows system as an administrator.

2. Download the GoAnywhere installer .EXE file from the GoAnywhere Customer Portal at
my.goanywhere.com.
NOTE:
If you have a 64-bit operating system, make sure to download the 64-bit version.

GoAnywhere MFT Install Guide www.goanywhere.com page: 10

Installation − Windows / Installing GoAnywhere on Windows

3. Execute the downloaded .EXE file and follow the prompts on the screens.
4. If you did not choose to start the GoAnywhere application server within the installer, then
you can manually start this server by following these instructions:
a. Go to Control Panel > Administrative tools > Services.
b. In the Services window, right-click on GoAnywhere and select Start.
c. Within seconds after starting GoAnywhere, its status should be updated to “Started”. If
not, please contact HelpSystems technical support.

5. The installation and startup of GoAnywhere is complete. Now you should proceed to the
Initial Configuration instructions.
NOTE:
GoAnywhere is configured in Windows as an automatic startup Service. This means that
the GoAnywhere will automatically start whenever Windows starts.

page: 11 www.goanywhere.com GoAnywhere MFT Install Guide

Installation – Linux
GoAnywhere can be installed onto a Linux server for enterprise usage. GoAnywhere can also be
installed onto Linux desktops or laptops, which is useful for individual development and testing
purposes. Both 32-bit and 64-bit versions of Linux are supported.
A graphical installation wizard is provided for GoAnywhere which installs the product files into the
directory of your choice.

Requirements
Disk space 375 MB for product (does not include user data)
Memory 512 MB minimum

Linux Installation Consideration

GoAnywhere MFT is a powerful automation tool that is capable of executing native Linux
commands and programs, as well as file actions such as read, write, and delete. It is recommended
to designate a non-root user on the system that will be used to install and run the GoAnywhere
application. This user will be the owner of all files created during installation as well as files written
to the file system during use.
During installation, you will be prompted to specify the ports required (FTP, SFTP, HTTPS, etc) by
GoAnywhere. Although Linux requires root level access to bind to privileged ports (1-1024), it is
recommended to configure GoAnywhere to bind to non-standard ports so that root level access is
not required to install and run GoAnywhere.
GoAnywhere Gateway is a reverse proxy that can be used in front of GoAnywhere MFT that allows
binding to privileged ports without allowing root access to the file system. If GoAnywhere Gateway
is not used, GoAnywhere MFT may need to be installed and running as root to use standard FTP,
FTPS, SFTP and HTTP/S ports.

Installing GoAnywhere on Linux

Perform the following steps to install the GoAnywhere onto a Linux system.

1. Create or designate a non-root user on the system that will be used to install and run the
GoAnywhere application. This user will be the owner of all files created during installation as
well as files written to the file system during use.
2. Login to the target Linux system as the user designated in step 1.
3. Download the GoAnywhere Linux installer file from the URL provided by HelpSystems.
4. If needed, set the Executable bit on the file (e.g. chmod 755 ga5_x_x_linux.sh).

GoAnywhere MFT Install Guide www.goanywhere.com page: 12

Installation – Linux / Installing GoAnywhere on Linux

5. If you have a graphical desktop for Linux, execute the downloaded installer file and follow
the prompts on the screens. Otherwise, execute the downloaded installer file with a –c
option (e.g. installer_filename.sh -c) and follow the prompts.
6. Start GoAnywhere by following these instructions:
a. Open a Terminal window.
b. Change the working directory to the directory where GoAnywhere was installed
(for example, cd /usr/local/HelpSystems/GoAnywhere)
c. Start GoAnywhere by executing the following shell script:
./goanywhere.sh start
7. The installation and startup of GoAnywhere is complete. Now you should proceed to the
Initial Configuration instructions.

NOTE:
You can setup GoAnywhere so it starts automatically when the Linux system is booted. Please
refer to your operating system manual for more details on setting up auto-start services. You
can execute goanywhere.sh from your startup scripts.

page: 13 www.goanywhere.com GoAnywhere MFT Install Guide

Installation − UNIX, AIX, HP-UX,
Solaris
GoAnywhere can be installed onto a server for enterprise usage. This page includes installation
instructions for UNIX, Solaris (SPARC and Intel), AIX and HP-UX servers.
An installation wizard is provided for GoAnywhere which installs the product files into the
directory of your choice.

Requirements
Disk space 250 MB for product (does not include user data)
Memory 512 MB minimum
JRE (Java Runtime Environment) The following JREs can be used:

l Oracle Java SE 8
l Azul Zulu Java SE 8
l IBM Java SE 8

Installing GoAnywhere
Perform the following steps to install GoAnywhere onto a UNIX, Solaris (SPARC and Intel), AIX or
HP-UX server.

1. Create or designate a non-root user on the system that will be used to install and run the
GoAnywhere application. This user will be the owner of all files created during installation as
well as files written to the file system during use.
2. Login to the server as the user designated in step 1.
3. Download the GoAnywhere UNIX installer file from the GoAnywhere Customer Portal at
my.goanywhere.com.
4. Open a Terminal window.
5. Change the directory to where the installer file was downloaded (e.g. cd /root/Desktop).
6. If needed, set the Executable bit on the file (e.g. chmod 755 ga5_x_x_unix.sh).
7. Run the installer (e.g. ./goanywhere5_x_x_unix.sh).

GoAnywhere MFT Install Guide www.goanywhere.com page: 14

Installation − UNIX, AIX, HP-UX, Solaris / Installing GoAnywhere

8. The installer will attempt to find a compatible JRE (Java Runtime Environment) for the
installation process. Follow the steps below if the installer cannot find a compatible JRE:
a. Define an environment variable named INSTALL4J_JAVA_HOME to point to the home
directory of the JRE (e.g. export INSTALL4J_JAVA_HOME=/usr/lib/jvm/java-1.8.0-
sun/jre).
b. Clear the Installer cache by removing the file named .install4j from your home
directory
(e.g. rm /root/.install4j).
c. Run the installer again (e.g. ./goanywhere5_x_x_unix.sh).
9. Follow the on-screen instructions to complete the installation.
10. JCE policy files must be copied to the JRE’s (Java Runtime Environment) security folder in
order to support encryption functions in GoAnywhere:

For IBM platforms (e.g. AIX), copy the JCE policy files of US_export_policy.jar and local_
policy.jar from the jce_policy_files/ibm folder (located under the GoAnywhere installation
folder) to the jre/lib/security folder (located under the JRE's installation directory).
For all other platforms (e.g. Solaris), copy the JCE policy files of US_export_policy.jar and
local_policy.jar from the jce_policy_files/sun folder (located under the GoAnywhere
installation folder) to the jre/lib/security folder (located under the JRE's installation
directory).

11. Start the GoAnywhere by following these instructions:

a. Open a Terminal window.
b. Change the working directory to the directory where GoAnywhere is installed. (eg,
cd /usr/local/HelpSystems/GoAnywhere)
c. Start the GoAnywhere by executing the following shell script:
./goanywhere.sh start.
d. If you receive an error indicating that no JRE could be found, set an environment
variable named JAVA_HOME to point to the JRE’s home directory
(e.g. export JAVA_HOME=/usr/lib/jvm/java-1.8.0-sun/jre) and try starting
GoAnywhere again.

12. The installation and startup of GoAnywhere is complete. Now you should proceed to the
Initial Configuration instructions.

NOTE:
You can setup GoAnywhere so it starts automatically when the system is booted. Please refer
to your operating system manual for more details on setting up auto-start services. You can
execute goanywhere.sh from your startup scripts.

page: 15 www.goanywhere.com GoAnywhere MFT Install Guide

Installation – IBM i (iSeries) / Requirements

Installation – IBM i (iSeries)

GoAnywhere can be installed on IBM i systems which meet the following requirements.

Requirements
Operating System IBM i V7R1 or higher
Disk Space 275 MB for product (does not include user data)
Memory 512 MB minimum

Required licensed programs

The following IBM i licensed programs are prerequisites to the installation of GoAnywhere, which
are dependent on IBM i release and your choice of supported Java version.

IBM i Release Licensed Program Product Option Description

V7R1 5761JV1 (Only one option 16 Java SE 8 32 bit
is required)
17 Java SE 8 64 bit
5770SS1 30 QShell
5770SS1 33 Portable App
Solutions
V7R2, V7R3 5770JV1 (Only one option 16 Java SE 8 32 bit
is required)
17 Java SE 8 64 bit
5770SS1 30 QShell
5770SS1 33 Portable App
Solutions
Environment

To check if the licensed programs (listed above) are installed on your IBM i, execute the command
GO LICPGM and select option 10 to display the installed licensed programs. Press F11 twice from
that screen to display the Product Options.
If these licensed programs are not loaded on your IBM i, they may be available on the IBM
software CDs that came with your IBM i. Otherwise, you will have to request those licensed
programs from IBM, which are normally provided at no charge.

page: 16 www.goanywhere.com GoAnywhere MFT Install Guide

 Installation – IBM i (iSeries) / Installing GoAnywhere on IBM i

Required PTFs

The following IBM i Program Temporary Fixes (PTFs) and Group PTFs are prerequisites to installing
GoAnywhere.

V7R1 Group SF99572 (minimum level of 23)

PTF
V7R2 Group SF99716 (minimum level of 8)
PTF
V7R3 Group SF99725
PTF

Use the command DSPPTF to verify that the required individual PTFs are applied. Use the
command
WRKPTFGRP to verify that the required group PTFs are applied.
IBM i components installed

The following components will be installed onto the IBM i by the GoAnywhere installation process:

n A IBM i library will be created, which will contain the GoAnywhere commands and program
objects. The default library name is GOANYWHERE, which can be changed during
installation.
n An IFS folder will be created, which will contain the GoAnywhere software components.
The default IFS folder name is /helpsystems/goanywhere, which can be changed during
installation.
n The policy files named US_export_policy.jar and local_policy.jar will be installed into the
security directory of the Java Development Kit (JDK). These policy files are used to support
encryption functions in GoAnywhere. The directory is:
QOpenSys/QIBM/ProdData/JavaVM/jdk80/32bit/jre/lib/security

Installing GoAnywhere on IBM i

Perform the following steps to install the GoAnywhere product onto the IBM i.

1. Sign on to the IBM i with the QSECOFR user profile OR with a profile which has *ALLOBJ
authority.
2. Create a temporary Save file on your IBM i by executing the following IBM i command:
CRTSAVF FILE(QGPL/GOANYWHERE)
3. The GoAnywhere software needs to be uploaded to your IBM i using FTP. Before
proceeding, ensure the FTP server is running on the IBM i. To start the native FTP server on
the IBM i, you can issue the IBM i command of
STRTCPSVR SERVER(*FTP).

GoAnywhere MFT Install Guide www.goanywhere.com page: 17

Installation – IBM i (iSeries) / Installing GoAnywhere on IBM i

4. Download the GoAnywhere installer (for IBM i) from the Customer Portal at
my.goanywhere.com.
5. Extract the files from the installer ZIP file into a new temporary folder on your workstation.
One of the extracted files will be named GOANYWHERE.SAVF.
6. FTP the extracted GOANYWHERE.SAVF file from your PC to the Save file on the IBM i (that
was created in step 2). Listed below are instructions for a Windows user:
a. Open a DOS window.
b. Enter the DOS command FTP <hostname>, where <hostname> is the host name or IP
address of your IBM i.
c. Login with your IBM i user id and password, then enter the following highlighted FTP
commands:

ftp> BINARY Switches the FTP session to binary mode

ftp> LCD \<tempdir> The <tempdir> is the PC directory containing
the file named GOANYWHERE.SAVF
ftp> CD qgpl Changes the remote directory to the QGPL
library
ftp> Sends the PC file GOANYWHERE.SAVF to the
PUT goanywhere.savf IBM i Save file named GOANYWHERE
goanywhere
ftp> QUIT Ends your FTP session

7. Restore the installation objects into QTEMP by executing the following IBM i command:
RSTOBJ OBJ(*ALL) SAVLIB(QTEMP) DEV(*SAVF) SAVF(QGPL/GOANYWHERE)
8. Delete the temporary Save file by executing the following IBM i command (optional):
DLTF FILE(QGPL/GOANYWHERE)
9. If QTEMP library is not in your library list, then add it by executing the following IBM i
command:
ADDLIBLE LIB(QTEMP) POSITION(*FIRST)
10. Prompt (F4) the command QTEMP/INSTALLGA for installing GoAnywhere. The following

page: 18 www.goanywhere.com GoAnywhere MFT Install Guide

 Installation – IBM i (iSeries) / Installing GoAnywhere on IBM i

screen appears.

Parameter descriptions:

Field name Description

Install library The library to contain the GoAnywhere product objects.
The specified library name must not already exist.
Install IFS directory The directory to contain the GoAnywhere product files.
The specified directory name must not already exist.
Install policy files Indicate if policy files should be installed into the security
directory of the Java Development Kit (JDK). These files
are used to support the encryption processes in
GoAnywhere. It is strongly recommended to use the
default setting of 'YES'.
Administration port The port number that the GoAnywhere Administrator runs
under (using HTTP). Default is 8000. *
Secure administration The port number that the GoAnywhere Administrator runs
port under (using HTTPS). Default is 8001. *
HTTPS service port The port number to run the HTTPS/AS2 service under (for
trading partner file transfers). Default is 443. *
FTP service port The port number to run the FTP service under (for trading
partner file transfers). Default is 21. *
FTPS service port The port number to run the FTPS service under (for trading
partner file transfers). Default is 990. *

GoAnywhere MFT Install Guide www.goanywhere.com page: 19

Installation – IBM i (iSeries) / Installing GoAnywhere on IBM i

Field name Description

SFTP service port The port number to run the SFTP service under (for trading
partner file transfers). Default is 22. *
GoFast service port The port number to run the GoFast service under (for
accelerated trading partner file tranfers). Default is 8010.*
Shutdown port The port number which the GoAnywhere will listen to for
shutdown requests. Default is 8005. *

* To check if the port number is already in use, run the IBM i command of NETSTAT and select
option 3. Then press F14 to see the numeric port numbers.

11. After reviewing and/or modifying the parameters on the INSTALLGA command, press enter
to start the installation process.
12. Prompt (F4) the command GOANYWHERE/STRGA for starting the GoAnywhere subsystem.
The following screen will be displayed.

For the Server User Profile parameter, keep the default of *CURRENT if you want to run the
GoAnywhere application under your user profile. Otherwise, specify a different user profile
to run the GoAnywhere application server under.
NOTE:
The user profile specified on the STRGA command must be enabled on the IBM i. This
profile must have *USE authority to the STRSBS command and *RWX authority to the
IFS folders where GoAnywhere is installed.

For security purposes, you may want to create a new user profile and consistently use that
profile on the STRGA command. Then you would only have to grant authority for the
GoAnywhere installation IFS folders to that user profile. There are certain user profiles that
you cannot use to start the GoAnywhere subsystem. These are: 'QSECOFR', ‘QSPL', 'QDOC',
'QDBSHR', 'QRJE', 'QSYS', 'QLPAUTO', 'QLPINSTALL', 'QTSTRQS' or 'QDFTOWN'

13. Press enter on the STRGA command to start the GoAnywhere subsystem.
14. Execute the WRKACTJOB (Work with Active Jobs) command to confirm that the
GoAnywhere subsystem is running. You should find a subsystem which has the same name as
the library name that was specified on the INSTALLGA command in step 10 (named
GOANYHWERE by default). This subsystem should contain two jobs, one is for the
GoAnywhere application, and the other is for the JVM.
15. The installation and startup of GoAnywhere is complete. Now you should proceed to the

page: 20 www.goanywhere.com GoAnywhere MFT Install Guide

 Installation – IBM i (iSeries) / Installing GoAnywhere on IBM i

Initial Configuration instructions.

NOTE:
The GoAnywhere can automatically start when the System i is powered up (IPL). To
perform this automatic startup, place the STRGA command in the System i startup CL
program (after the start of TCPIP).

CL example:

GoAnywhere MFT Install Guide www.goanywhere.com page: 21

Installation – Mac OS X
GoAnywhere can be installed onto Apple's Mac OS X desktops, laptops, or servers.
A Mac OS X installation wizard is provided for GoAnywhere which installs the product files into the
directory of your choice.

Requirements
Operating Systems supported Mac OS X
Disk space 250 MB for product (does not include user data)
Memory 512 MB minimum

Installing GoAnywhere on Mac OS X

Perform the following steps to install the GoAnywhere product onto an Apple machine.

1. Login to the target Mac OS X system as an administrator.

2. Download the GoAnywhere installer .DMG file from the GoAnywhere Customer Portal at
my.goanywhere.com.
3. Open the downloaded .DMG file, double click the GoAnywhere Installer, and follow the
prompts on the screen.
4. Start GoAnywhere by following these instructions:
a. Open a Terminal window.
b. Change the working directory to the directory where GoAnywhere was installed.
(for example, cd /Applications/HelpSystems/GoAnywhere)
c. Start GoAnywhere by executing the following shell script:
./goanywhere.sh start
5. The installation and startup of GoAnywhere is complete. Now you should proceed to the
Initial Configuration instructions.

NOTE:
You can setup GoAnywhere so it starts automatically when the Mac OS X system is booted.
Please refer to your operating system manual for more details on setting up auto-start services.
You can execute goanywhere.sh from your startup scripts.

GoAnywhere MFT Install Guide www.goanywhere.com page: 22

Starting and Stopping
GoAnywhere
Windows instructions

To start GoAnywhere:

1. Go to the Windows machine and log in with an administrator account.

2. Go to Control Panel > Administrative tools > Services.
3. In the Services window, right-click on GoAnywhere and select Start. Within seconds after
starting GoAnywhere, its status should be updated to “Running”.

To stop GoAnywhere:

1. Go to the Windows machine and log in with an administrator account.

2. Go to Control Panel > Administrative tools > Services.
3. In the Services window, right-click on the GoAnywhere and select Stop.

Linux and UNIX instructions

To start GoAnywhere:

1. Open a Terminal window.

2. Change the working directory to the directory where GoAnywhere is installed
(for example, cd /usr/local/HelpSystems/GoAnywhere).
3. Start the GoAnywhere by executing the following shell script:
./goanywhere.sh start

To stop GoAnywhere:

1. Open a Terminal window.

2. Change the working directory to the directory where GoAnywhere is installed
(for example, cd /usr/local/HelpSystems/GoAnywhere).
3. Stop the GoAnywhere by executing the following shell script:
./goanywhere.sh stop

IBM i (iSeries) instructions

Start the GoAnywhere by executing the IBM i command of STRGA.

Stop the GoAnywhere by executing the IBM i command of ENDGA.
The STRGA and ENDGA commands are located in the GoAnywhere installation library, which is
named GOANYWHERE by default.
Mac OS X instructions

To start GoAnywhere:

GoAnywhere MFT Install Guide www.goanywhere.com page: 23

Starting and Stopping GoAnywhere /

1. Open a Terminal window.

2. Change the working directory to the directory where GoAnywhere is installed
(for example, cd /Applications/HelpSystems/GoAnywhere)
3. Start the GoAnywhere by executing the following shell script:
./goanywhere.sh start

To stop GoAnywhere:

1. Open a Terminal window.

2. Change the working directory to the directory where GoAnywhere is installed
(for example, cd /Applications/HelpSystems/GoAnywhere)
3. Stop the GoAnywhere by executing the following shell script:
./goanywhere.sh stop

page: 24 www.goanywhere.com GoAnywhere MFT Install Guide

Initial Configuration
Follow the instructions below to request a license key, test the installation, and perform initial
configuration of GoAnywhere.

1. To access the GoAnywhere Administrator using a standard HTTP connection, open your
browser and type the URL of http://[hostname]:[portnumber] where [hostname] is the host
name or IP address of GoAnywhere and [portnumber] is the port number of the
GoAnywhere Administrator. The default HTTP port for the Administrator is 8000.

Example: http://myserver:8000

Otherwise, to access the GoAnywhere Administrator over a secure HTTPS connection, open
your browser and type the URL of https://[hostname]:[portnumber]. The default HTTPS port
for the Administrator is 8001.

Example: https://myserver:8001

2. The License Server page appears. Click the Get License button and follow the on screen
prompts to license the server.
3. Once the server is licensed, You are prompted to create an administrator account for
GoAnywhere. This account is assigned all administrator roles with access rights to the entire
GoAnywhere application. After this account is created, other Admin User accounts can be
created from the Users > Admin Users page.

4. Specify a User Name and Password and click Submit.

5. The GoAnywhere Administrator dashboard is displayed.

GoAnywhere MFT Install Guide www.goanywhere.com page: 25

Initial Configuration /

6. Review and adjust the global settings in GoAnywhere by following the instructions below:
a. From the main menu bar, select the System option.
b. Choose the Global Settings option.
c. Review the settings on the tabs and make any changes as needed. Read the on-line
help text for each setting to understand its purpose.
d. Be sure to specify the settings for your SMTP server on the SMTP Settings tab. This
will allow GoAnywhere to send email alerts when certain events occur.
e. Note that some changes to the Global Settings will take effect only when GoAnywhere
is restarted.
7. By default, Admin User and Web User passwords are authenticated against the passwords
stored in the GoAnywhere database. Optionally, you can configure GoAnywhere Login
Methods for basic authentication of Admin User and Web User passwords against a Windows
Active Directory, a Generic LDAP, or an IBM i (iSeries) located within your organization.
Web User accounts can also be synchronized with users stored in an LDAP server.
a. From the main menu bar, select the Users option.
b. Choose the Login Methods option.
c. Click the Add Login Method button.
d. Read the on-line help text for specific instructions to configure user authentication
for your system.
8. GoAnywhere includes two disabled admin accounts, named administrator and root, that will
always be authenticated against the GoAnywhere internal database. If you enable these
accounts, you should change the default account passwords following the instructions below.
a. From the main menu bar, select the Users option.
b. Choose the Admin Users option.
c. Next to the administrator user name, click on the button and choose Reset
password.
d. Specify the new password on the screen and click on the Reset button.
e. Next to the root user name , click on the button and choose Reset password.

page: 26 www.goanywhere.com GoAnywhere MFT Install Guide

 Initial Configuration /

f. Specify the new password on the screen and click on the Reset button.
g. Record the new passwords in a safe place.
h. Edit the accounts, and then click the Enabled option on the account profile. The
accounts can now be used to log in to GoAnywhere.
9. Manage the settings for the services (FTP, FTPS, SFTP, HTTPS, AS2) which you want to make
available to your trading partners by following the instructions below:
a. From the main menu bar, select the Services > Service Manager.
b. Follow the instructions in the on-line help to learn how to adjust settings for the
various services.
c. After adjusting any settings, you can click on the icon to start (or restart) the service.

GoAnywhere MFT Install Guide www.goanywhere.com page: 27

Customizing Installation
Settings
Changing GoAnywhere Port Numbers
By default, GoAnywhere administrator will utilize port numbers 8000, 8001 and 8005 on your
system for the following functions:

n 8000 is the default HTTP port which users can connect (from their browsers) for performing
administration in GoAnywhere.
n 8001 serves the same function as port 8000, but uses a HTTPS (SSL-protected) connection.
n 8005 is the default port for requesting a shutdown of GoAnywhere from a remote system.

You can change these port numbers within the GoAnywhere browser-based administrator interface,
or by using the CFGGA command for IBM i or by making direct changes to a GoAnywhere
configuration file.
Changing ports using the browser interface

1. Open a browser window and log into the GoAnywhere Administrator.

2. From the main menu bar, select the System option.
3. Select the Admin Server Configuration option.
4. Select the Listener node in the tree.
5. Specify the new port number and click on the Save button.
6. The GoAnywhere server must be restarted for the changes to take effect.

Changing ports using the CFGGA command on IBM i

1. Log in to the IBM i using a terminal session.

2. End the GoAnywhere subsystem by running the ENDGA command.
3. Run the CFGGA command.
4. Under the Port Information section, edit the port numbers as needed by choosing option 2.
5. You may also want to change the URL under the Run Project Defaults section to match the
port number to the new Server Port.
6. Save the settings and restart GoAnywhere by running the STRGA command.

Changing ports by manually editing the configuration file

1. Stop the GoAnywhere server (if it is running).

2. Edit the configuration file [Install_Dir]/tomcat/conf/server.xml, where [Install_Dir] is the
installation directory of GoAnywhere.

GoAnywhere MFT Install Guide www.goanywhere.com page: 28

Customizing Installation Settings / Disabling HTTP or HTTPS Connectors

3. Change the port number for the HTTP or HTTPS connectors. Example:
<Connector port="8000" />
4. Change the port number for the shutdown listener. Example:
<Server port="8005" shutdown="SHUTDOWN">
5. Save the configuration file.
6. Start the GoAnywhere server.

Disabling HTTP or HTTPS Connectors

GoAnywhere is initially configured to support both HTTP and HTTPS (SSL) connectors for its
browser-based Administrator. If you want to disable one of these connectors, then follow the
instructions below.

1. Stop the GoAnywhere server (if it is running).

2. Open the configuration file [Install_Dir]/tomcat/conf/server.xml, where [Install_Dir] is the
installation directory for GoAnywhere.
3. Locate the following XML code:

4. If you do not want to use the HTTP (only use HTTPS) connector, then delete or comment out
the line of code illustrated in blue.
5. If you do not want to use the HTTPS (only use HTTP) connector, then delete or comment out
the lines of code illustrated in green.
6. If installing to IBM JVM (e.g. IBM i), then set the algorithm=“IbmX509”
7. Save the configuration file.
8. Start the GoAnywhere server.

page: 29 www.goanywhere.com GoAnywhere MFT Install Guide

 Customizing Installation Settings / SSL (HTTPS) Configuration

NOTE:
To comment out XML code, enclose the code with the following indicators:

<!-- to begin the comment

--> to end the comment

Example: <!-- <Connector port="8000" /> -->

SSL (HTTPS) Configuration

A certificate is shipped with GoAnywhere, which is used (by default) when a user connects to the
GoAnywhere Administrator through their browser over HTTPS. While this default certificate works
for establishing a secure channel, users will see warnings about a host name mismatch when they
connect. This is because the host name in the shipped certificate will be different than the host
name of the machine which you installed GoAnywhere to.
To avoid these host mismatch warnings, it is recommended to create your own certificate (for your
machine’s host name) and update the GoAnywhere configuration file with the new certificate
information.
Follow the instructions below to create a new certificate and update the GoAnywhere configuration
file:

1. From within the GoAnywhere browser-based Administrator, create a new certificate in the
Default Private Keys Store. Read the section "Creating a New SSL Certificate" in the on-line
help text to learn how to create a certificate. Note that the Common Name in the new
certificate must match the domain name, host name, or IP address of the server on which
GoAnywhere is installed.
2. Open the configuration file [Install_Dir]/tomcat/conf/server.xml, where [Install_Dir] is the
installation directory for GoAnywhere. Then modify the value in the keyAlias attribute to be
the alias of the new certificate you created in step 1.

Memory Allocation
GoAnywhere runs in a JVM (Java Virtual Machine) instance, which is allocated 1024 MB of
memory by default when the product is installed. This memory is utilized for all features in
GoAnywhere including administration functions and file transfer activity.
Typically 1024 MB of memory is sufficient for most installations. However, if you anticipate high
loads (e.g. several thousand file transfers per day), then it is recommended to allocate more memory
for the GoAnywhere JVM. Depending on your operating system, follow the instructions below to
change this memory allocation.

GoAnywhere MFT Install Guide www.goanywhere.com page: 30

Customizing Installation Settings / Firewall Recommendations

For Windows:

1. Navigate to the directory of [Install_Dir]/tomcat/bin, where [Install_Dir] is the installation

directory for GoAnywhere.
2. Find the file named [Service_Name]w.exe, in which [Service_Name] is the name of the
windows service specified during installation. GoAnywherew.exe is the default name. Right
click on the file and choose to Run as administrator.
NOTE:
This is a service properties program that provides additional information in regards to
the JVM being started by the service.

3. Click on the Java tab and edit the Maximum memory pool setting. Specify 2048 for 2GB of
memory, 3072 for 3GB of memory, etc…
4. Click on the Apply button to save the memory settings.
5. To restart GoAnywhere for the changes to take effect, click on the General tab and choose
to Stop and then Start the service.

For Linux, IBM i, Unix, Solaris and Mac OS X:

1. Navigate to the directory of [Install_Dir]/tomcat/bin, where [Install_Dir] is the installation

directory for GoAnywhere.
2. Edit the file named start_tomcat.sh.
3. Modify the following line in the file:

JAVA_OPTS='-Xmx1024m -XX:MaxPermSize=256m -Djava.awt.headless=true'

4. The setting –Xmx1024m is the max memory setting, which is set to 1024 MB by default.
Change this setting to Xmx2048m for 2GB of memory, -Xmx3072 for 3GB of memory, etc…
Do not change the MaxPermSize value. For example:

JAVA_OPTS='-Xmx2048m -XX:MaxPermSize=256m -Djava.awt.headless=true'

5. Save the file.

6. Restart GoAnywhere for the change to take effect.

Firewall Recommendations
If you want to make GoAnywhere available to external clients over the internet, it is important that
you only open certain port numbers to the machine in which GoAnywhere is installed. This can be
controlled through your firewall settings. The firewall settings will depend on whether if the
GoAnywhere software is installed in your DMZ (Demilitarized Zone) or the Private (internal)
network, and whether if it is used in conjunction with HelpSystems GoAnywhere GatewayTM
product.
The following diagrams show the firewall settings to use if the default port numbers were used
during the installation of GoAnywhere.

page: 31 www.goanywhere.com GoAnywhere MFT Install Guide

 Customizing Installation Settings / Firewall Recommendations

Installation in the DMZ

This diagram illustrates GoAnywhere as installed in the DMZ.

Please note that the IP addresses shown are for demonstration purposes only.
Firewall configuration:

In order to administer GoAnywhere from any workstations in the private network, ports 8000 and
8001 will need to be opened (through the back-end firewall) from the private network to
GoAnywhere in the DMZ.
If external trading partners need access to the file transfer protocols (e.g. SFTP, FTP, HTTPS, AS2,
FTPS, GoFast) in GoAnywhere, those port numbers (e.g. 21, 22, 443, 990, 8010) need to be opened
through the front-end firewall to GoAnywhere in the DMZ. Additionally, if employees (on the
private network) need to access those file transfer protocols in GoAnywhere, the port numbers will
need to be opened through the back-end firewall from the private network to GoAnywhere in the
DMZ.
If trigger events in GoAnywhere need to call Remote Projects , then ports 8000 and 8001 need to
be opened (through the back-end firewall) from GoAnywhere to another GoAnywhere server in the
private network.

GoAnywhere MFT Install Guide www.goanywhere.com page: 32

Customizing Installation Settings / Changing the Java Virtual Machine (JRE)

Changing the Java Virtual Machine

(JRE)
GoAnywhere MFT runs on Java 8. GoAnywhere is bundled with Azul Zulu 8 for Windows and
Linux, but also supports OpenJDK versions of Java provided by Oracle and IBM i. Depending on
the operating system, GoAnywhere may use the JRE that is bundled with the application or it may
use an existing JRE which is already installed. Follow the steps below to change the JRE that
GoAnywhere will use.
Determine Java (JRE) version and Location

1. From the menu bar, point to Help, then click About.

2. In the About window, click the System Info tab.
3. On the System Info tab, verify the Java Version and the Java Home values.
l If the Java Home is configured to [INSTALL_DIR]/jre or [INSTALL_DIR]/jre6, you are
using the embedded JRE. Use the Upgrade instructions below to upgrade your
embedded JRE.
l If the Java Home is configured to any other directory, you are using an external JRE.

Cleaning Up Existing Embedded JRE Folders

Even if GoAnywhere MFT is using an external JRE, it is possible than an embedded JRE still exists
within the application. HelpSytems recommends that you remove the [INSTALL_DIR]/jre folder, or
rename the [INSTALL_DIR]/jre to something like [INSTALL_DIR]/jre.old.

Using an External JRE

To use an external JRE, ensure the unlimited strength JCE policy files are installed and the Java
execution environment is correct. Later versions of Java 8 include these files by default. Installing
these files is only required if GoAnywhere MFT fails to start with an error indicating that the policy
files are not installed. Use the following procedures if you are instructed to install the JCE policy
files:
JCE Policy Files

Before GoAnywhere can be started using the new JRE, it requires installation of the unlimited
strength JCE policy files. To use the unlimited strength policy files, copy the US_export_policy.jar
file and the local_policy.jar file from the jce_policy_files/oracle/1_8 folder (located in the
GoAnywhere installation folder) to the jre/lib/security folder (located in the JRE's installation
directory).
For IBM platforms (e.g. AIX), copy the JCE policy files of US_export_policy.jar and local_policy.jar
from the jce_policy_files/ibm folder (located under the GoAnywhere installation folder) to the
jre/lib/security folder (located under the JRE's installation directory).

page: 33 www.goanywhere.com GoAnywhere MFT Install Guide

 Customizing Installation Settings / Changing the Java Virtual Machine (JRE)

Changing JAVA_HOME For Linux

The JAVA_HOME environment variable needs to be set to the appropriate location for Java 8. To
set the Java version used to run GoAnywhere on Linux, run the following command before
executing the GoAnywhere upgrade script.
export JAVA_HOME='/path/to/jre'

'/path/to/jre' is the absolute path to the JRE, for example: '/usr/lib/jvm/jdk8/jre'

Changing JAVA_Home For Windows

The JAVA_HOME environment variable needs to be set to the appropriate location for Java 8. To
set the Java version used to run GoAnywhere on Windows, run the following command before
executing the GoAnywhere upgrade script.

1. Open the Control Panel and navigate to System And Security > System.
2. Click the Advanced system settings link.
3. On the Advanced tab, select Environment Variables, and then edit JAVA_HOME to point to
where the JDK software is located, for example, C:\Program Files\Java\jdk1.8.0.

IBM i Java Requirements

Required PTFs
The following Group PTFs are prerequisites to run GoAnywhere 6.0.0 on Java 8. Use the command
WRKPTFGRP to verify that the required group PTFs are applied.

IBM i Release Licensed Program Product Description

Option
V7R1 5761JV1 (Only one option is required) 16 Java SE 8 32
bit
17
Java SE 8 64
bit
5770SS1 30 QShell
5770SS1 33 Portable
App
Solutions
V7R2, V7R3 5770JV1 (Only one option is required) 16 Java SE 8 32
bit
17
Java SE 8 64
bit

GoAnywhere MFT Install Guide www.goanywhere.com page: 34

Customizing Installation Settings / Installation in the Private Network

IBM i Release Licensed Program Product Description

Option
5770SS1 30 QShell
5770SS1 33 Portable
App
Solutions
Environment

Changing Java Home

1. Stop the GoAnywhere MFT subsystem by executing the IBM i command of ENDGA. The
ENDGA command is located in the installation library, which is named GOANYWHERE by
default. Wait until the GoAnywhere MFT subsystem is completely shutdown before
proceeding.
2. Run GOANYWHERE/CFGGA and select option 2 on Java Home and Java Version.
3. Change the Java Home value from /QOpenSys/QIBM/ProdData/JavaVM/jdk70/32bit to
/QOpenSys/QIBM/ProdData/JavaVM/jdk80/32bit and then press ENTER to save.
4. Change the Java Version value from 1.7 to 1.8 and then press ENTER to save.
5. Run GOANYWHERE/CPYPOLICY to copy the JCE unlimited strength policy files into the
JVM used by GoAnywhere.
6. Start the GoAnywhere MFT subsystem by executing the IBM i command of STRGA. The
STRGA command is located in the installation library, which is named GOANYWHERE by
default.
7. Navigate to the Help > About page and verify Java has been has changed to your selected
version.

Installation in the Private Network

This diagram illustrates GoAnywhere as installed in the Private network.

page: 35 www.goanywhere.com GoAnywhere MFT Install Guide

 Customizing Installation Settings / Installation with GoAnywhere Gateway

NOTE:
The IP addresses shown are for demonstration purposes only.

Firewall configuration:

If external trading partners need access to the file transfer protocols (e.g. SFTP, FTP, HTTPS, AS2,
FTPS, GoFast) in GoAnywhere, those port numbers (e.g. 21, 22, 443, 990, 8010) need to be opened
through the firewall to GoAnywhere in the private network.

Installation with GoAnywhere Gateway

This diagram illustrates GoAnywhere as installed in the Private network, in conjunction with
GoAnywhere Gateway (a separate licensed product from HelpSystems) in the DMZ. This
configuration allows your organization to keep sensitive files, credentials and logs in the Private
network. This configuration also does not require any incoming ports opened into the Private
network, which provides a high level of security.

GoAnywhere MFT Install Guide www.goanywhere.com page: 36

Customizing Installation Settings / Installation with GoAnywhere Gateway

NOTE:
The IP addresses shown are for demonstration purposes only.

Firewall configuration:

In order to establish control and data channels from GoAnywhere to GoAnywhere Gateway, ports
9100 and 9101 will need to be opened (through the back-end firewall) from the Private Network
to GoAnywhere Gateway in the DMZ. Port 9102 will also need to be opened from the Private
Network to GoAnywhere Gateway for Forward Proxy services.
The port numbers (e.g. 21, 22, 443, 990, 8010 and 30000-32100) for the desired file transfer
protocols (e.g. FTP, SFTP, HTTPS, FTPS, AS2, GoFast) need to be opened through the front-end
firewall to GoAnywhere Gateway in the DMZ.
More information about GoAnywhere Gateway can be found at www.GoAnywhere.com.

page: 37 www.goanywhere.com GoAnywhere MFT Install Guide

The Embedded GoAnywhere
Database
By default, GoAnywhere stores its configuration settings and application data in an embedded
Derby database. This database includes almost everything GoAnywhere needs to operate, including
user-defined settings, user account information, permissions, server configuration information and
more. The database also stores the audit log entries for Project Workflows and each of the file
transfer protocols.
Operational Considerations

The embedded Derby database is ideal for trial purposes and standalone instances such as sandbox
or development environments. Customers who use the embedded Derby database on production
systems should be aware of the following limitations:

l The embedded Derby database does not support GoAnywhere clustering, and as such, the
database is only ideal for small operations where high availability is not needed.
l GoAnywhere is unavailable during backups and database tuning of the embedded database,
which halts all file transfer and workflow tasks. Externalizing the database is the preferred
method if 24/7 availability is required.
l The embedded Derby database is not accessible to 3rd party database reporting and
monitoring tools.

TIP:
HelpSystems highly recommends customers externalize the GoAnywhere database.

Automatically Back up the Embedded

Database (to Disk)
By default, GoAnywhere will perform an automatic backup (to disk) of its embedded Derby
database every day at midnight. The database backup files are created in the folder of
[Install_Dir]/userdata/database/backups, where [Install_Dir] is the installation directory for
GoAnywhere. By default, database backup files are retained for the last 7 days.
Follow the instructions below to modify the database backup settings:

1. From the main menu bar, select the System option and then select Database Configuration.
2. Click the Backup button. The current backup settings will be shown.

GoAnywhere MFT Install Guide www.goanywhere.com page: 38

The Embedded GoAnywhere Database / Manually Backing Up the GoAnywhere Database (to Disk)

n Enable Database Backup – Specify whether or not the GoAnywhere embedded database
should be backed up automatically on a scheduled basis. It is highly recommended that the
database backup remains enabled in case any data needs to be recovered.
n Backup Directory – Specify the directory to store the database backups, which is relative to
the installation directory.
n Keep Backups for – Specify the number of days (1–30) to keep the database backup files.
Backup files that are older than the specified number of days will be automatically deleted
following each backup process.
n Schedule Type – Specify if the schedule is Hourly or Daily.
n Run Every – Specify the frequency that the automatic database backup should run.

3. Click the Save button.

Manually Backing Up the GoAnywhere

Database (to Disk)
To backup the GoAnywhere database manually:

1. From the main menu bar, select System and then select Database Configuration.
2. Click the Backup button. The current backup settings will be shown.
3. Click the Backup Now button at the bottom of the screen.
4. When the system completes the backup process, a message will be displayed with the
location to which the database was backed up.

page: 39 www.goanywhere.com GoAnywhere MFT Install Guide

 The Embedded GoAnywhere Database / Database Tuning

Database Tuning
Tuning the GoAnywhere database will compress the indexes, which keeps queries running at
maximum speed. The Database Tuning page in GoAnywhere provides options to schedule database
tunings or manually tune the embedded Derby database. A consistency check can also be
performed to ensure that the database tables are not corrupt.
For more information about how to tune your database, see the System > Database Configuration
> Database Tuning topic in the GoAnywhere MFT User Guide.

WARNING:
No file transfers and workflow tasks will process during backups and database tuning.

GoAnywhere MFT Install Guide www.goanywhere.com page: 40

Externalizing the GoAnywhere
Database
GoAnywhere supports the use of external databases, which are required when high availability is
used. HelpSystems strongly recommends customers use an external database with GoAnywhere.
The following databases are supported:

l DB2/400 (IBM i) - V5R4 and later

l Derby (Network) - 10.12.1.1 (preferred Derby database version)
l Microsoft SQL Server - SQL Server 2008 and later
l MySQL 5.1 and later
l MariaDB versions 5.5 or 10.0 and later
l Oracle - 10g and later
l PostgreSQL 9.6 and later

TIP:
HelpSystems always recommends you use the latest database version for your chosen database
solution.

Switching the Database

A Switch Database Wizard is provided in GoAnywhere to guide you through the process for
changing the GoAnywhere connection from the embedded Derby database to one of the supported
external databases. The Wizard creates the necessary tables and indexes, as well as migrates the
existing GoAnywhere data to the new database.
For more information about how to switch your database, see the System > Database
Configuration > Switch Database topic in the GoAnywhere MFT User Guide.

TIP:
No changes are made to the embedded Derby database during a database switch. If for any
reason GoAnywhere cannot complete a database switch, simply restart the GoAnywhere
service. GoAnywhere will resume functioning on the embedded Derby database.

Troubleshooting Database Connection Issues

The settings and options to make a connection between GoAnywhere and your external database
are found within the Switch Database Wizard and the GoAnywhere MFT User Guide. If
GoAnywhere is unable to make a connection to your external database, it is recommended you
work with your database or network administrator to ensure you have the correct network and
database settings before contacting HelpSystems for support.

GoAnywhere MFT Install Guide www.goanywhere.com page: 41

Externalizing the GoAnywhere Database / Backing Up the External Database

Database Schema Definition

If the database administrator would like information on the database schema, this information can
be found in the [InstallDirectory]\dbscripts folder. Each supported database has it's own DDL file
located in that directory.
More information about specific database tables can be found in the Managing the Database Size
topic.

Backing Up the External Database

Your database administrator should backup the GoAnywhere tables in your designated database
using your regular database backup procedures.

page: 42 www.goanywhere.com GoAnywhere MFT Install Guide

Managing the Database Size
GoAnywhere tables that contain system settings, user account information, permissions, server
configuration information, etc. typically do not grow large and have minor database impacts. Tables
that contain auditing information can contain thousands or millions of records depending on the
volume of projects or file transfers that occur. The following audit log tables will typically grow the
fastest:

Table Name Purpose

dpa_admin_log The Administrator audit log.
dpa_admin_log_detail The Administrator audit log details.
dpa_as2_audit_log The audit log for the AS2 service.
dpa_gd_audit_log The audit log for the GoDrive service.
dpa_gftp_audit_log The audit log for the FTP service.
dpa_gftps_audit_log The audit log for the FTPS service.
dpa_ghttps_audit_log The audit log for the HTTPS service.
dpa_gofast_audit_log The audit log for the GoFast service.
dpa_gsftp_audit_log The audit log for the SFTP service.
dpa_job The Completed Jobs log.
dpa_job_file_log The file audit information for Project Workflows.
dpa_trigger_log The trigger log.
dpa_trigger_log_detail The trigger details log.

Purging Audit Logs

By default, GoAnywhere stores audit log entries in the database for 90 days. After 90 days, the
purged log entries are automatically archived to plain text .CSV files in the
[InstallDirectory]\userdata\logs directory. To minimize the size of the database, you can specify a
shorter log retention period.
To modify log retention settings, log in to GoAnywhere and navigate to Logs > Log Settings. Select
the appropriate feature tab and then specify a new Days to Keep Audit Log Records setting.
For more information about how to purge audit logs, see the Logs & Reports > Log Settings topic in
the GoAnywhere MFT User Guide.

GoAnywhere MFT Install Guide www.goanywhere.com page: 43

Managing the Database Size / Audit Log Exemptions

Audit Log Exemptions

In some situations, not all log events need to be recorded from trusted connections. GoAnywhere
provides an Audit Log Rules page which lets you specify the events that you don't want logged. The
options on the Audit Log Rules page determine which event types can be excluded from the logs.
The audit log rules can be configured to filter specific services or exclude logging events for
certain IP addresses.

TIP:
Connection Successful and Disconnect events are commonly exempted by customers to
minimize the size of the audit log tables. Exempting connection events is recommended for
FTP, FTPS, and SFTP. This is especially true if you have clients connecting every few seconds
or minutes checking for new files as these events can quickly fill up the logs.

To add an audit log exemption, log in to GoAnywhere and navigate to Logs > Log Exemptions. Click
the Add Rule button to add an exemption.
For more information about how to add audit log exemptions, see the Logs & Reports > Log
Exemptions > Audit Log Rule Configuration topic in the GoAnywhere MFT User Guide.

page: 44 www.goanywhere.com GoAnywhere MFT Install Guide

Backing up GoAnywhere User
Data
All user data and configurations for GoAnywhere are stored in a folder named userdata, which is
located under the GoAnywhere installation directory.
Follow the instructions in this section if you are using GoAnywhere in a non-clustered “Active-
Passive” configuration, in which only one installation of GoAnywhere will be running at a time.
Otherwise, follow the backup instructions in the Clustering section if you are going to run
GoAnywhere in a clustered environment.
The default paths to the userdata folder for each platform are listed below:

n Windows: C:\Program Files\HelpSystems\GoAnywhere\userdata

n IBM i: /helpsystems/goanywhere/userdata
n Linux and UNIX: /usr/local/HelpSystems/GoAnywhere/userdata
n Mac OS X: /Applications/HelpSystems/GoAnywhere/userdata

TIP:
You should backup the GoAnywhere userdata folder (and its contents) in your regular backup
processes. It is recommended to backup this userdata folder at least daily.

WARNING:
If using the embedded Derby database (which is the default) in GoAnywhere, and you plan to
perform backups while GoAnywhere is running, then you should exclude the subfolder
userdata/database/goanywhere from your backup processes since there will be a lock on the
files in this subfolder (which is the embedded Derby database). However, this Derby database
is saved nightly (by default) to a subfolder named userdata/database/backups, which you should
backup.

IBM i Saving, Restoring, and Disaster

Recovery
Saving
Using the supplied IBM i command named SAVPRD, you can save the GoAnywhere product from
the IBM i machine. This will save all GoAnywhere objects and user data into a single IBM i Save
file. This will allow you to easily restore GoAnywhere onto another IBM i machine.

GoAnywhere MFT Install Guide www.goanywhere.com page: 45

Backing up GoAnywhere User Data / IBM i Saving, Restoring, and Disaster Recovery

Perform the following steps to save the GoAnywhere product using the SAVPRD command:

1. End the GoAnywhere subsystem by executing the command <library>/ENDGA, where

GOANYWHERE is the default installation <library>.
2. Perform a WRKACTJOB and verify that the GoAnywhere subsystem is ended. The default
subsystem name is GOANYWHERE.
3. Prompt (F4) the command of <library>/SAVPRD and specify the following values:
n The name of the library containing the GoAnywhere product.
n The name of the library containing the GoAnywhere tables, if using the DB2 database
option.
n The name of the Save file to store the GoAnywhere product into. The specified Save
file will be automatically created.

Example: GOANYWHERE/SAVPRD LIB(GOANYWHERE) SAVEFILE

(QGPL/GOANYWHERE)

4. Press enter to execute the SAVPRD command.

5. After the SAVPRD command executes, you can restart the GoAnywhere subsystem by
executing the command <library>/STRGA.

Restoring
Follow these steps to restore GoAnywhere from the Save file:

1. If you are using a specific user profile to start GoAnywhere, then you will need to create that
user profile on the target system. Using the CRTUSRPRF command, create a user profile
with the same name and authorities that were used in the original installation.
Example: CRTUSRPRF USRPRF(GOANYWHERE)
2. If you are using the DB2 database option to store the GoAnywhere tables, create a user
profile with the same name, password and authorities of the owner of the collection.
Example: CRTUSRPRF USRPRF(GOANYWHERE) PASSWORD(xxxxxxxxxx)
3. Restore the temporary Save files into the QTEMP library.
Example: RSTOBJ OBJ(*ALL) SAVLIB(QTEMP) DEV(*SAVF) SAVF(QGPL/GOANYWHERE)
4. Restore the GoAnywhere library from the Save file named SLIBGA.
Example: RSTLIB SAVLIB(GOANYWHERE) DEV(*SAVF) SAVF(QTEMP/SLIBGA)
5. Restore the GoAnywhere IFS folder from the Save file named SIFSGA.
Example: RST DEV('/QSYS.LIB/QTEMP.LIB/SIFSGA.FILE') OBJ(('/helpsystems/*'))
6. If the IBM i IP address is different than the IP address of the original installation, then you
should run the <library>/CFGGA command and specify the new IP address.

NOTE:
If you are restoring GoAnywhere to a different serial number, you will need a new license for
that system, which you can request from the GoAnywhere Customer Portal at
my.goanywhere.com.

page: 46 www.goanywhere.com GoAnywhere MFT Install Guide

 Backing up GoAnywhere User Data / IBM i Saving, Restoring, and Disaster Recovery

Disaster Recovery (External Database)

Use the following instructions to restore an IBM i installation on a back-up server (DR server).
These instructions should be used when GoAnywhere is running on an external database.
Use the SAVPRD command above to create a save file with the IFS, Library and database file for
the production server. FTP the save file to the Disaster Recover (DR) server, then use the restore
instructions to restore the objects on the DR server.
On the DR server:

1. Verify that the GoAnywhere Library has been replicated to the disaster recovery server.
2. Verify that the replication software is replicating the external DB2 database to the disaster
recovery server.
3. Verify that the replication software is replicating the GoAnywhere IFS files.
4. Exclude the following items:
l /[install directory]/GoAnywhere/gamft.lic
l /[install directory]/GoAnywhere/config/database.xml
l /[install directory]/GoAnywhere/tomcat/conf/server.xml
l /[install directory]/GoAnywhere/userdata/database/GoAnywhere/*.*
l /[install directory]/GoAnywhere/userdata/index/*.*
l /[install directory]/GoAnywhere/userdata/workspace/*.*
5. Verify that the user profile associated with the database has been replicated (and enabled).
6. On the DR server, check the Database.xml file to make sure the server is not pointing to the
IP address of the Production server. If so, edit the database.xml to point to the IP address of
the DR server.
7. On the DR server, check the Server.xml file to make sure that it does not reference the IP
address of the Production server. If needed, edit the file to reference the IP of the DR
server.
8. On the DR server, make sure gamft.lic from the Production server is not there. Start the
subsystem, log into the GUI, and then acquire the license key for the DR server from the
GoAnywhere customer portal at https://my.goanywhere.com.
9. On the DR server, check any database resources that connect to the iSeries. The database
connections should reference a DNS name, not an IP address.
10. On the DR server, check any iSeries resources that connect to the iSeries. Again, make sure
they are not pointing to an IP address, but a DNS name.
11. Working with your network administrators, verify that ports needed for FTP, FTPS, SFTP,
HTTPS, SMTP, Active Directory, and external database connections are open on the firewall
for the DR server.
12. If the subsystem is active, disable any GoAnywhere Scheduled Jobs, Triggers and Monitors
until you are running on the DR server. You do not want Jobs running on both the Production
server and DR server at the same time.

GoAnywhere MFT Install Guide www.goanywhere.com page: 47

Backing up GoAnywhere User Data / Replicating GoAnywhere User Data (for High Availability)

Replicating GoAnywhere User Data (for

High Availability)
GoAnywhere user data can be replicated to another system for high availability and failover
purposes. GoAnywhere does not have a built-in replication function, so you will need to use a
separate tool to replicate the necessary data to the high availability (HA) machine.
Replication

Follow the steps below to set up replication:

1. Install GoAnywhere onto the HA machine using one of the regular installation methods
(depending on your OS) outlined earlier in this manual.
2. Get a license key from the GoAnywhere Customer Portal at my.goanywhere.com for the HA
machine and install it.
3. Test the GoAnywhere installation on the HA machine to make sure it works properly.
4. Shut down the GoAnywhere subsystem/service on the HA machine, since GoAnywhere
should not be running on both the production and HA machines at the same time.
5. Set up your HA tool to replicate the folder named userdata, which is located under the
GoAnywhere installation directory on the production machine. The userdata folder contains
all user data and configurations for GoAnywhere. Make sure to include all the subfolders
under the userdata folder, except DO NOT replicate the subfolder named
/userdata/database/goanywhere/ since there will be a lock on that subfolder while
GoAnywhere is running. This subfolder contains the embedded database, which is saved
nightly (by default) to the subfolder named userdata/database/backups.

WARNING:
If you want to replicate the entire GoAnywhere installation directory, then do not
replicate the file named gamft.lic since that file contains the license key that is specific
for that particular machine. If the license key is replicated to the HA machine, it will
generate a license error in GoAnywhere on the HA machine and will not allow it to
execute.

Failover

The steps to follow in order to run GoAnywhere on the HA machine depends on if your production
machine is still up-and-running.
If your production machine is down and you want to switch to the HA machine:

1. If using the embedded (Derby) database in GoAnywhere: On the HA machine, unzip the
latest backup of the GoAnywhere database (found in subfolder named
userdata/database/backups) into the subfolder named /userdata/database/goanywhere.
Please note that the database will only be as up-to-date as the last time the database was

page: 48 www.goanywhere.com GoAnywhere MFT Install Guide

 Backing up GoAnywhere User Data / Replicating GoAnywhere User Data (for High Availability)

backed up on the production machine.

2. Start the GoAnywhere subsystem/service on the HA machine.

If your production machine is running and you want to switch to the HA machine:

1. If using the embedded Derby database in GoAnywhere: On the production machine, perform
a manual backup of the GoAnywhere database.
2. Shut down the GoAnywhere subsystem/service on the production machine.
3. If using the embedded Derby database in GoAnywhere:
n Copy the manual backup of the database (contained in a ZIP file) from the production
machine to the HA machine.
n Unzip this backup of the database into the /userdata/database/goanywhere folder on
the HA machine.
4. Start the GoAnywhere subsystem/service on the HA machine.

GoAnywhere MFT Install Guide www.goanywhere.com page: 49

Clustering GoAnywhere
Clustering allows two or more GoAnywhere installations (systems) to work together to provide file
transfer services for the enterprise. This provides greater scalability by allowing workloads to be
distributed horizontally across multiple GoAnywhere systems.
If one GoAnywhere system fails, the remaining systems in the cluster will automatically continue to
process workloads and file transfer requests.
This active-active clustered environment also provides the best high availability option for handling
potential system failures. If one GoAnywhere system fails, the remaining systems in the cluster will
automatically continue to service the trading partners.
The following features are available in GoAnywhere when running in a cluster:

n Two or more GoAnywhere systems within a cluster can connect to the same external
database at the same time. This allows these systems to share security settings, trading
partner user accounts, configurations, audit logs and other product tables. The database can
be configured or switched from any system in the cluster, in which the new database settings
will be replicated to all systems in the cluster.
n The System Name (specified in [InstallationDirectory]/config/cluster.xml) for each
participant in the cluster will appear on the GoAnywhere login screen, on the top-right
corner of the dashboard and any cluster-related screens. This name will also be recorded in
audit log records to indicate which system was servicing a trading partner's session during
each event. The system name is accessible in Triggers using the event.systemName variable.
n The Active Sessions screen displays all trading partner sessions (IP address, user name, login
date, audit activity) for any system in the cluster. Within this screen, sessions can also be
terminated (killed) on any system in the cluster.
n GoAnywhere Gateway configurations can be viewed, updated, started and stopped from any
GoAnywhere system within the cluster.
n Auto blacklist features for "Denial of Service" and "Brute Force" attacks are cluster-aware.
This allows each GoAnywhere system (in the cluster) to share security activity with each
other to determine when to block attacking IP addresses from the cluster.
n The Max Sessions setting for a Web User account will limit the total number of that user's
sessions for all systems within the cluster. For instance, if the Max Sessions for a Web user is
set to 2 and if they are logged into 2 different systems in the cluster, then they will not be
able to open any additional sessions in the cluster at that time.

When setting up a cluster, you will need to install GoAnywhere onto two or more servers. It is
recommended that the operating systems and JRE versions on these servers to be the same for
simplifying configuration.

GoAnywhere MFT Install Guide www.goanywhere.com page: 50

Clustering GoAnywhere / Setting up the First System in the Cluster

The following diagram illustrates two instances of GoAnywhere in a cluster, in which both instances
are using a shared database and file system.

Setting up the First System in the

Cluster
Follow the instructions below to configure the first system in the Cluster.

1. Start GoAnywhere and login to its browser-based Administrator.

2. A special license key is required to utilize Clustering in GoAnywhere, which is a chargeable
feature. If you have not acquired this license key yet, login to the GoAnywhere Customer
Portal at my.goanywhere.com and request a license from the License page. After you have
received a license key, you can install this key by going to Help > License in GoAnywhere.
3. All systems in the cluster are required to use the same external database (MySQL/MariaDB,
SQL Server, Oracle, DB2 on IBM i or Derby in network mode). The Switch Database wizard
located in the System > Database Configuration section will guide you through the process
to utilize an external database. Data in the existing database can be automatically migrated to
the new external database.
4. All systems in the cluster must point to the same set of shared folders for storing documents,
certificates and other user files. It is recommended that these folder paths are pointing to a
shared network location. For example, on Windows you can use UNC paths, on Linux you can
use a file system mount and on IBM i you can use QFileSvr.400 or NFS. Follow the steps
below:

page: 51 www.goanywhere.com GoAnywhere MFT Install Guide

 Clustering GoAnywhere / Setting up the First System in the Cluster

a. Navigate to the System > Global Settings page. On the Data tab, specify the shared
network folders for each feature.
b. Navigate to the Users > Domains page. Review each Domain's Projects, Workspace,
and WebDocs directories to ensure each server in the cluster can reach the specified
folders.
c. Navigate to the Services > Secure Forms Settings page and configure the Secure
Forms Directory to point to a shared network folder.
d. Navigate to the Logs > Log Settings page and configure the Logs Directory to point to a
shared network folder.
e. Navigate to the Services > GoDrive Settings page and configure GoDrive Directory to
point to a shared network folder.
f. Navigate to the Help > Software Library page and configure the Settings. The
Software Storage Location must point to a shared network folder.
g. If you are using the Key Management System, keys and certificates are stored in the
GoAnywhere database and there is no configuration change necessary for clustering. If
you are using file based keys and certificates, then the locations of the PGP Key Rings
or SSL Key Stores should point to a shared network location that all systems in the
cluster have access to. To specify the Key locations:
i. For SSL, select Encryption from the main menu and choose the File Based Keys
> Certificates option, and then select Preferences. Specify the shared network
locations for the key stores on the Default Trusted Certificates and Default
Private Keys.
ii. For PGP, select Encryption from the main menu and choose the File Based Keys
> PGP Keys option, and then select Preferences. Specify the shared network
locations for the key rings on the Default Public Key Ring and Default Secret
Key Ring.
5. After the configuration is completed in the steps above, you should verify there are no active
sessions on this installation. Then you should shut down the GoAnywhere service or
subsystem.
6. Go to the file system of the server that GoAnywhere is installed on and open the file named
[InstallationDirectory]/config/cluster.xml, where [InstallationDirectory] is the location that
GoAnywhere is installed to. The following properties need to be configured in this file:
n systemName - A unique name to identify this system in the cluster. The maximum
system name length is 20 characters.
n clusterBindAddress - The IP address which GoAnywhere will listen on to
communicate with other GoAnywhere systems in a cluster. This IP address must be
valid on this server which GoAnywhere is installed to.
n clusterBindPort - The port number which GoAnywhere will listen on to communicate
with other GoAnywhere systems in a cluster. For example, 8006.
n clusterLogLevel - The log level of “info” will record all standard log messages from
each system in the cluster. When the log level is set to “verbose” the log will also
record all of the system-to-system messages used to manage the cluster. While

GoAnywhere MFT Install Guide www.goanywhere.com page: 52

Clustering GoAnywhere / Setting up Additional “Participant” Systems in the Cluster

initially testing clustering within your environment, it is recommended to keep the

log level at “verbose” to get more detailed messages.
n clusterEnabled - This must be set to “true”.
n clusterHeartbeatTimeout - Participants in the cluster will check every 5 seconds to
ensure the Coordinator is still running. If a response from the heartbeat request is not
received within the specified time (in seconds), the Coordinator is considered to be
unresponsive and another Participant in the Cluster will assume the Coordinator role.
NOTE:
The clusterHeartbeatTimeout is an optional property not included in the
cluster.xml file by default and should only be used if the default setting of
300 seconds is not sufficient.

Example of cluster.xml file below. Notice the user-specified settings in blue:

<xml version="1.0" encoding="UTF-8" ? >

<!DOCTYPE properties SYSTEM
"http://java.sun.com/dtd/properties.dtd">
<properties>
<entry key="systemName">System-A</entry>
<entry key="clusterBindAddress">192.168.1.220</entry>
<entry key="clusterBindPort">8006</entry>
<entry key="clusterLogLevel>verbose</entry>
<entry key="clusterEnabled">true</entry>
<entry key="clusterHeartbeatTimeout">300</entry>
</properties>

NOTE: The cluster bind port must be opened on each installation's firewall to allow each
instance of GoAnywhere in the cluster to communicate with each other.

7. After configuring cluster.xml, you can restart GoAnywhere.

8. It’s important to review the GoAnywhere global log for any errors. Sign into the
Administrator and navigate to Logs > Audit Logs and then click the System log. The log file
will be named goanywhere_systemName.log, where systemName was specified in step 6
above.
9. This system will assume the “Coordinator” role since it is the first GoAnywhere system
started in the cluster.

Setting up Additional “Participant”

Systems in the Cluster
Follow the steps below to configure each additional Participant system in the cluster:

page: 53 www.goanywhere.com GoAnywhere MFT Install Guide

 Clustering GoAnywhere / Troubleshooting Errors

1. Start GoAnywhere and log in to its browser-based administrator.

2. Make sure a license key is installed on this system with the Clustering feature.
3. Navigate to the Server> Database Configuration > Switch Database screen. Follow the
steps to switch this database over to the same database that the first system is using.
WARNING:
On Step 5 of the Switch Database process, select the third radio button for “Do Nothing,
the database already has valid tables, indexes and data”.

4. You should verify there are no active sessions on this installation. Then you should shut down
GoAnywhere on the Participant system.
5. Go to the file system of the server that GoAnywhere is installed on and open the file named
[InstallationDirectory]/config/cluster.xml, where [InstallationDirectory] is the location that
GoAnywhere is installed to. Configure the cluster.xml file for this system using the
instructions in the previous section. Make sure to specify a unique system name and IP for
this installation. Example:
<xml version="1.0" encoding="UTF-8" ? >
<!DOCTYPE properties SYSTEM
"http://java.sun.com/dtd/properties.dtd">
<properties>
<entry key="systemName">System-B</entry>
<entry key="clusterBindAddress">192.168.1.32</entry>
<entry key="clusterBindPort">8006</entry>
<entry key="clusterLogLevel>verbose</entry>
<entry key="clusterEnabled">true</entry>
<entry key="clusterHeartbeatTimeout">300</entry>
</properties>

NOTE: The cluster bind port must be opened on each installation's firewall to allow each
instance of GoAnywhere in the cluster to communicate with each other.

6. After configuring cluster.xml, you can restart GoAnywhere.

7. It’s important to review the GoAnywhere global log for any errors. Sign into the
Administrator and navigate to Logs > Audit Logs and then click the System log. The log file
will be named goanywhere_systemName.log, where systemName was specified in step 5
above.
8. This system will be considered a “Participant” since it was not the first GoAnywhere system
started in the cluster. See the following section to troubleshoot errors that may occur when a
Participant fails to join a cluster.

Troubleshooting Errors
The following items identify problems that may occur when a Participant attempts to join a cluster:

GoAnywhere MFT Install Guide www.goanywhere.com page: 54

Clustering GoAnywhere / Troubleshooting Errors

1. If you receive an error about product versions not matching, then the Participant is running a
different version of GoAnywhere than the Coordinator system. All systems in the cluster
must be running on the same GoAnywhere version.
2. If you receive an error about the timestamp on the Participant not being within five minutes
of the Coordinator system, then you must change the system clock on the Participant system
to be in sync with the Coordinator. The time is compared in UTC and ignores time zone
differences.
3. You may receive an error about one of the documents directories not being shared. This can
occur when the Coordinator system can access the directory but a Participant cannot. In this
case you will need to log in to the Coordinator system and configure the Logs, Packages,
WebDocs or Documents directories to ensure they are the accessible for all systems in the
cluster.
4. You may receive an error about how the Participant system shut down because another
system is actively using the database. This can occur when the Participant and Coordinator
systems cannot connect to each other over the clustering communications channel. It is
important that the Coordinator’s IP and port (used for the communications channel) is
accessible by the other Participant systems. If that address is blocked by a firewall or other
network restrictions, then this system will not be considered as part of the cluster and will be
forced to shut down.

Clustering Failover
GoAnywhere executes several background processes to purge records, send notifications and to
perform other housekeeping processes. This processing is the responsibility of the Coordinator
system. If the Coordinator system becomes unresponsive, then the next Participant to join the
cluster will become the Coordinator.
For example, if a cluster was started with three systems (System-A, System-B and System-C) in that
order, then System-A will be the Coordinator since it was the first to join the cluster. If System-A
fails for any reason, then System-B will become the new Coordinator. If System-A is restarted and
successfully rejoins the cluster, then the order of the systems (for becoming a Coordinator) would
then be System-B, System-C and then System-A. If System-B were to crash, then System-C would
become the new Coordinator.
It is possible that the communication channel between the clustered systems could become
unresponsive or break due to network interruptions or other reasons. GoAnywhere has built-in
safety checks to overcome small network interruptions. By default, if the communication becomes
unresponsive for 300 seconds, then the Participant systems will believe that the Coordinator
system has failed. When that happens, each Participant will start checking the database to see if the
Coordinator system is still running.
If the Coordinator system is still running after 30 seconds (if the communications channel fails)
then the Participant systems will automatically shut down. This is required in order to prevent
issues that can occur when multiple GoAnywhere systems are running on the same database and
not communicating with each other. In this rare scenario, even though the Participant systems were
shut down, the Coordinator system will still be up and running.

page: 55 www.goanywhere.com GoAnywhere MFT Install Guide

 Clustering GoAnywhere / Backups

Backups
When GoAnywhere is running in a clustered environment, the following items are recommended to
be backed up on a regular and automated basis:

1. The external database that GoAnywhere is running on. Speak with your database
administrator to make sure this database is part of the backup process.
2. The folder locations for the Logs, Packages, Documents and WebDocs directories. Speak with
your network administrator to make sure that these locations are part of the backup process.
3. All user data and configurations for GoAnywhere are stored in the
[InstallationDirectory]/userdata folder. Although the Logs, Packages and other directories
should be pointing to network locations it is still recommended to make backups of this
location for custom email templates, SSL certificates and other files that are not using a
network location.

GoAnywhere MFT Install Guide www.goanywhere.com page: 56

GoAnywhere IBM i Commands
For IBM i installations, GoAnywhere includes IBM i commands for performing various functions in
the product. These commands can be entered on the IBM i command line, placed in CL programs
and used in job schedulers on the IBM i.
The IBM i commands can be found in the installation library, which is GOANYWHERE by default.
Listed below is an alphabetical listing of the commands:

Command Command Comments

Description
CFGGA Configure Allows users (with *SECADM authority) to
GoAnywhere change certain properties in the GoAnywhere
installation, such as the default user, password
and URL to use for the RUNPROJECT
command.
CPYPROJECT Copy (promote) Copies a Project definition from one
Project installation of GoAnywhere to another
installation of GoAnywhere.
CPYRES Copy (promote) Copies a Resource definition from one
Resource installation of GoAnywhere to another
installation of GoAnywhere.
CRTCMDPRJ Create Command Creates the supporting Projects that are used
Projects for the SFTPGET, SFTPPUT, PGPENCRYPT,
PGPDECRYPT, ZIP, UNZIP and SNDEMLMSG
commands. This command should only need to
be run once.
DSPPRDINF Product information Displays the current version number of
GoAnywhere, the port numbers used and the
IBM i serial number and processor group.
ENDGA End GoAnywhere Ends the GoAnywhere application server
Server
IMPPROJECT Import Project Imports a Project definition XML into
GoAnywhere
PGPDECRYPT Decrypt file with Provides both decryption and signature
OpenPGP verification.

GoAnywhere MFT Install Guide www.goanywhere.com page: 57

GoAnywhere IBM i Commands / SFTP, OpenPGP, ZIP and Email Command Shortcuts

Command Command Comments

Description
PGPENCRYPT Encrypt file with Provides both encryption and signing of files.
OpenPGP
RUNPROJECT Run Project Runs a GoAnywhere Project
SFTPGET Get file over SFTP Retrieves one or more files over a SFTP
connection
SFTPPUT Put file over SFTP Sends one or more files over a SFTP
connection
SNDEMLMSG Send Email Message Sends a message to one or more email
addresses. Includes support for file
attachments
STRGA Start GoAnywhere Starts the GoAnywhere application server
Server
UPGRADEGA Upgrade Upgrades the GoAnywhere software
GoAnywhere
UNZIP UnCompress file with Unzips files that were compressed with ZIP
ZIP standard
ZIP Compress file with Provides compression and password
ZIP protection

SFTP, OpenPGP, ZIP and Email

Command Shortcuts
Native commands are provided for IBM i customers that allow quick access to popular functions in
GoAnywhere. This includes commands to get and put files through SFTP, encrypt and decrypt files
with OpenPGP, ZIP and UNZIP files, as well as send Emails. These commands can be entered on
the IBM i command line, placed in CL programs and used in job schedulers on the IBM i.
These native commands can be found in the GoAnywheremenu of GAMENU4 (accessible by
running the command of GO GOANYWHERE/GAMENU). Each command can be prompted and
has on-line help text that is available through the F1 function key.

page: 58 www.goanywhere.com GoAnywhere MFT Install Guide

 GoAnywhere IBM i Commands / SFTP, OpenPGP, ZIP and Email Command Shortcuts

NOTE:
Before the SFTP, OpenPGP, ZIP and Email native commands can be utilized, their underlying
Projects (to process these commands) must be first created in GoAnywhere. To perform this
initial Project creation, select option 1 from GAMENU4 (which will execute the command
CRTCMDPRJ). The Projects will be created in the GoAnywhere folder of
\CommandLineProjects.

GoAnywhere MFT Install Guide www.goanywhere.com page: 59

Upgrading GoAnywhere / SFTP, OpenPGP, ZIP and Email Command Shortcuts

Upgrading GoAnywhere
New versions of GoAnywhere can be downloaded from the GoAnywhere Customer Portal at
my.goanywhere.com. A GoAnywhere MFT Upgrade Guide is released for each new software version,
and contains detailed upgrade considerations and instructions. The upgrade guide is also available
on the GoAnywhere Customer Portal.
Configuring HTTP Proxy

If your organization uses a Proxy Server, then you need to configure those proxy settings in
GoAnywhere before you can retrieve web updates:

1. From the main menu, select System and then Global Preferences.
2. Click the HTTP Proxy tab near the right end of the tab set.
3. Specify the type of proxy to use. DIRECT, HTTP, or SOCKS. DIRECT represents a direct
connection, or the absence of a proxy. HTTP represents proxy for high-level protocols such
as HTTP or FTP. SOCK represents a SOCKS (V4 or V5) proxy.
4. Specify the host name of the proxy server.
5. Specify the port number used by the proxy server.
6. Specify the username to use in order to connect to the proxy server. This is only necessary if
the proxy server requires authentication.
7. Specify the password to use in order to connect to the proxy server. This is only necessary if
the proxy server requires authentication.
8. Click the Save button.

Upgrade Process

Upgrading GoAnywhere requires that you first download the updates from the portal at
my.goanywhere.com. Then you will need to stop its corresponding service/subsystem, apply the
updates, and then restart GoAnywhere.
You can check for software updates by following the instructions below:

1. Login to GoAnywhere browser-based Administrator.

2. From the main menu, select Help and then choose the Check for Updates option.
3. If updates are found, the page will display the new version number, the release notes, and brief
instructions on how to download and install the new version. Detailed upgrade instructions for
the new version can be found in the GoAnywhere MFT Upgrade Guide.

page: 60 www.goanywhere.com GoAnywhere MFT Install Guide

Uninstalling GoAnywhere
This section describes how to uninstall GoAnywhere. Prior to removing GoAnywhere from your
system, you must deactivate the license through the GoAnywhere administrator. The license can
then be used for another system. Navigate to Help > License, and then click the Deactivate button.
Follow the prompts to remove the license from the server. Once the license is deactivated, you will
no longer be able to access or use the system.

WARNING:
All GoAnywhere configurations, resources and project definitions will be deleted during the
uninstall process.

Windows uninstall instructions

To uninstall the GoAnywhere product from Windows:

1. End theGoAnywhere service on the Windows system.

2. Browse to the installation directory of GoAnywhere. The default install directory is
C:\Program Files\HelpSystems\GoAnywhere.
3. Run the file named uninstall.exe to uninstall the product.

Linux and UNIX uninstall instructions

To uninstall the GoAnywhere product from Linux:

1. Verify that no jobs are currently running in the GoAnywhere Administrator.

2. Change the working directory to the directory where GoAnywhere was installed
(for example, cd /usr/local/HelpSystems/GoAnywhere).
3. Stop the GoAnywhere by executing the following shell script:
./goanywhere.sh stop
4. Uninstall the GoAnywhere product by executing the following shell script:
./uninstall.sh

IBM i uninstall instructions

To uninstall the GoAnywhere product from the IBM i:

1. End the GoAnywhere service.

GOANYWHERE/ENDGA
2. Verify that there are no locks on the GoAnywhere library. Default library name is
GOANYWHERE.
WRKOBJLCK OBJ(GOANYWHERE) OBJTYPE(*LIB)

GoAnywhere MFT Install Guide www.goanywhere.com page: 61

Uninstalling GoAnywhere / Mac OS X uninstall instructions

3. Delete the GoAnywhere library. Default library name is GOANYWHERE.

DLTLIB LIB(GOANYWHERE)
4. Delete the GoAnywhere folder from the IFS. The default main folder name is
/helpsystems/goanywhere.
RMVLNK OBJLNK('/helpsystems/goanywhere/*.*')
RMVDIR DIR('/helpsystems/goanywhere')

Mac OS X uninstall instructions

To uninstall the GoAnywhere product from Mac OSX:

1. Verify that no jobs are currently running in the GoAnywhere Administrator.

2. Log in to the Mac OS X system as an administrator and open a Terminal window.
3. Change the working directory to the directory where GoAnywhere was installed
(for example, cd /Applications/HelpSystems/GoAnywhere).
4. Stop the GoAnywhere by executing the following shell script:
./goanywhere.sh stop
5. Uninstall the GoAnywhere product by double clicking the GoAnywhere Uninstaller found in
the /Applications/HelpSystems/GoAnywhere directory and follow the prompts on the screen.

page: 62 www.goanywhere.com GoAnywhere MFT Install Guide