Forum Discussion

K_Miller's avatar
K_Miller
Level 4
14 years ago

Disable Authentication on Client, NB7.1

I have a complicated backup we're trying to attempt ove the public network. I have a Solaris Master running NB7.1 and a new windows client that resides in a private cloud.

We have opened all of the reuqired ports between the master and client and have gotten a green light using NBDNA to determine if the client is listening on the ports...

The problem is that we can't administratively connect to the client without the client complaining "Connection Requested by Invalid Server". What is the method for disabling this authentication.

Thanks,

-Kevin

7.1.x and Earlier
Backup and Recovery
Configuring
NetBackup
Troubleshooting
  • Luv_Rai's avatar
    Luv_Rai
    14 years ago

    Please configure the conditional forwarding in local DNS to point the public IP.

    Regards

    Luv

7 Replies

Sort By
  • Luv_Rai's avatar
    Luv_Rai
    Level 3
    14 years ago

    Have you tried to telnet the Vnetd and BPCD port from client server and Master Server?

    Once you check whether port is listing on both side.

     

    Regards

    Luv Rai

  • K_Miller's avatar
    K_Miller
    Level 4
    14 years ago

    Ports are verified:

    VNETD (13724), BPDC (13782), and PBX (1556)...

    For the sake of simplicity, all ports are open bi-directional!

    One thing to note is that we are connecting to a public IP address that resolves to a virtual web cluster of which both nodes exist on a private (NAT) network. This is why we can't get name resolution to work in this scenario, hence the need to emlinate the client side authentication.

    Thanks,

    -K

  • Luv_Rai's avatar
    Luv_Rai
    Level 3
    14 years ago

    Please configure the conditional forwarding in local DNS to point the public IP.

    Regards

    Luv

  • Nicolai's avatar
    Nicolai
    Moderator
    14 years ago

    Run this command on the master/media and the client:

    bpclntcmd -reverse_name_lookup prohibited

  • Yasuhisa_Ishika's avatar
    Yasuhisa_Ishika
    Level 6
    14 years ago
    Check name resolution, and server list on the client. Server list is stored in registry HKLM\software\veritas\netbackup\current version(or so).
  • K_Miller's avatar
    K_Miller
    Level 4
    14 years ago

    Hi Nicolai... We had considered this but was also not the solution!

    Thanks,

    -K

  • K_Miller's avatar
    K_Miller
    Level 4
    14 years ago

    Your reply got me thinking... We were assured that the port forwarding configuration was solid from the client back through the NAT gateway... And it was but only for one of the clients in the 2 node configuration... Luck would have it that I would be working on the node that was not included in the firewall and forwarding rules!

    Thanks for participating!

    -Kevin