cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Backup through Firewall

George_Montany
Level 3

‎05-08-2007 11:11 AM

HELP !!!!

 

Firewall port assignment for Backup Exec is confusing the @&$%# out of me.

 

  • Port 10000 outbound only from internal to DMZ (ControlSessionPort)
  • Port 30000 inbound only from DMZ to Internal (Control Acknowledgement)
  • Port 30001 outbound only from internal to DMZ (Response / Send data initiation)
  • Port 30002-30027 inbound only from DMZ to internal (Actual data transfer/backup)
  • Plus Port 6101 outbound from internal to DMZ to browse Windows systems in the backup selections tree

Is this correct and will this work to backup 3 servers in my DMZ, one server at a time with 30 minutes between jobs?

0 Kudos
4 REPLIES 4

Jared_S_
Level 6
Employee

‎05-09-2007 12:30 PM

Hi George -
 
There are certain ports than need to be open in order for Backup Exec to work properly to a firewall. Here are some documents that further explain and may offer you a resolution:
 
What TCP/UDP <ports> does Backup Exec <11d> for Windows Servers (including CPS and DLO) and Backup Exec System Recovery use?
 
 Improving Backup Exec performance
 
How to change the default port used by the Backup Exec 9.x, 10.x and 11.x Remote Agent for Windows Servers
 
How to configure Backup Exec to use a port other than 3527 if it is being used by another application
 
I hope these help!
 
- Jared
 
 
0 Kudos

George_Montany
Level 3

‎05-09-2007 12:36 PM

Thanks, but no, it does not help.
I read those docs up and down 10 times at least.
What I need to know is if the above posted will work or not.
Yes or no will do for starters.
If the answer is no, then maybe a pointer as to what is incorrect would be great.
 
0 Kudos

Jared_S_
Level 6
Employee

‎05-10-2007 12:05 PM

George -
 
Since you have both ports 6101 and 10000 open then yes the configuration should work. The only caution is to ensure no other program will be accessing these ports that could cause communication interruption.
 
- Jared
0 Kudos

pie8ter
Level 3

‎10-19-2009 10:38 AM

I am glad I am not the only one who is having difficult time dicphering the arcane documentation for the firewall configuration so we can backup DMZ clients from LAN.  Unless backing up through firewall is an unsupported feature, Backup Exec should at least do a decent job of clearly explaining the configuration.  All I see in the documentation is "here are bunch of port numbers and allow them in the firewall".  Sure but what direction the traffic flows?  Who initiates the primary and secondary connections?  Like this poster, I read all the documentations 10 times up and down with frustrations.  I beginning to think people who get this setup working actually don't know what they are doing.  With the very poor documentation, I don't blame them.
0 Kudos