cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

Mac agent port exceptions for client-side firewall?

Go to solution
Jeff_Nelson_2
Level 3

‎08-06-2008 01:48 PM

We can get the Mac agent working with our Windows 2003 Server running BE 12 just fine, except if we turn on the Mac OS X buil in firewall that backup server cannot see the client mac and the job fails.

 

I can't seem to find documentation for the ports required by the Mac agent that comes with BE 12. I can only find documentation for the port for BE 9 & 10 and the legacy agent. Those don't work. Does anyone know what ports I need to open on the Mac? 

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Anser_Arif
Level 4
Certified

‎08-12-2008 11:00 AM

Hi Jeff,

 

The communication is established on port 10000 (ndmp) and the server is published on port 6101.

 

The backups work on dynamic ports. It randomly picks the port and start the backup. It could be anywhere in the range 1025 to 65535.

 

So, to specify specific port, on backup exec console, go to Tools - Options - Network and Security.

Check the option Enable remote agent TCP dynamic port range and specify a port range, say 10001 to 10050 (as recommended by Backup Exec).

 

This will not affect any backups on Windows servers, however the linux server should have these 50 ports open as well at the time of backup.

 

**Again, if you think opening 50 ports could be a security concern, you can write a script to open and close the ports and run Windows scheduler to run the scripts estimating the start and end of the job (Just a suggestion Smiley Happy).

 

 

 

Regards,

Anser Arif.

 

View solution in original post

0 Kudos
4 REPLIES 4

Go to solution
Anser_Arif
Level 4
Certified

‎08-06-2008 04:44 PM

Hi Jeff,

 

The ports required for Backup Exec to work with Mac are ports 10000 and 6101.

These ports should be open both ways.

 

 

Regards,

Anser Arif.

0 Kudos

Go to solution
Jeff_Nelson_2
Level 3

‎08-07-2008 06:17 AM

I tried opening both port 10000 and 6101 for both TCP and UDP and still no luck. As soon as I disable the firewall though the agent works fine. Any others?
0 Kudos

Go to solution
Anser_Arif
Level 4
Certified

‎08-12-2008 11:00 AM

Hi Jeff,

 

The communication is established on port 10000 (ndmp) and the server is published on port 6101.

 

The backups work on dynamic ports. It randomly picks the port and start the backup. It could be anywhere in the range 1025 to 65535.

 

So, to specify specific port, on backup exec console, go to Tools - Options - Network and Security.

Check the option Enable remote agent TCP dynamic port range and specify a port range, say 10001 to 10050 (as recommended by Backup Exec).

 

This will not affect any backups on Windows servers, however the linux server should have these 50 ports open as well at the time of backup.

 

**Again, if you think opening 50 ports could be a security concern, you can write a script to open and close the ports and run Windows scheduler to run the scripts estimating the start and end of the job (Just a suggestion Smiley Happy).

 

 

 

Regards,

Anser Arif.

 

0 Kudos

Go to solution
Jeff_Nelson_2
Level 3

‎08-12-2008 11:40 AM

Yup, the answer is that the server must have a defined range of dynamic ports (the default is any port). So then the Mac must have TCP port 10000 and the above defined port range open to the Backup Exec server.
0 Kudos