Forum Discussion

RONALDMUG's avatar
2 months ago

Error connecting to remote client - over Internet

Am encountering an  error code is 48 - cannot connect on socket. Just to explain the set up, we have a remote windows server where we have installed the Netbackup agent. The server is on a private network, and we have configured NAT on it. We have confirmed that ports 1556, 13724, and 13782 are open on this server and can be reachable from the master/media server

Our master and media servers are configured with public IP addresses, and can be pinged from the local server. 

However, ICMP protocol - ping has been disabled from the customer’s side and as such, the local server cannot be reached by ping over the network. Please advise, if


1. Netbackup client can be able to connect when I no/ping has been disabled and the client server cannot to contacted over ping
2. If we can be able to connect and run backups with only ports  1556, 13724, and 13782 open, and ping/icmp disabled. 
3. What alternatives are there in place, to backup a remote client, over the internet

    1. netbackup does not require ping to work.
    2. for 8.2 and up the only ports needed are 1556 and 13724 both ways. If you run client side deduplication you need also the 10082 and 10102 from  client to storage server. Client side deduplication is recommended for WAN backups.
      you can test the connection with nc (linux) or powershell (windows)
      And bptestbpcd from the media server is a good test.
    3. if it is a remote datacenter, you can install a media server at the remote site to do the backups and then replicate to the primary.
      For remote backup ONLY, you can enable Resilient Network. This is good option for WAN backup streams, It will not solve your connection problem.
  • to add some extra point here,
    you need to confirm the name/IP resolution is happening successfully between master/media/ to client and vice versa this is crucial.
    since this is a remote site, make sure there is no SSL inspection between master and client (or at least it is whitelisted)as once I had the exact same issue and I was able to sort it out via that.my issue was that certificate on the client was not getting installed correctly.

    one client side run below commands:
    (bin folder)bpclntcmd -self
    (bin folder)bpclntcmd -pn
    (bin folder)nbcertcmd -displayCACertDetail -server mymaster
    (bin folder)nbcertcmd -getCACertificate -server mymaster
    run the below on master:
    (admincmd folder)bptestbpcd -client <client> -verbose