cancel
Showing results for 
Search instead for 
Did you mean: 

Replication client behind NAT firewall

neil_w
Level 3
Hi,

We have a machine at a client's site (SBS2003) that we are replicating to a server (2000) on our network. The client's machine is behind a NAT firewall, and therefore has a private IP address (in the 10.0.0.0/8 range).

Normally it all works fine; I set registry entry Network.TCPIP->PreferredAddress on the client to it's public IP (which is actually the router's IP) and configured the NAT firewall to forward the ports and everything works - the replication runs fine and has copied GBs of data.

The problem is when the client machine is rebooted. It resets its IP address back to the 10.. address. The server machine shows the client in the Servers list, but shows the private IP address not the public one - so it can't connect.

Oddly, the registery Network.TCPIP entry is fine and restarting the client's Veritas services solves the problem and the machine will replicate again, until the next time the client machine is rebooted.

Anyone have ideas or solutions?
6 REPLIES 6

Shaler
Level 3
Don't reboot. Haha, just kidding.
I'm not sure how Replication Exec servers talk to each other, but you might try putting a router on your side of the network and then build a tunnel between the 2 routers, making it seem that both machines are in the same network, so when your client's machine reboots, it tries to use the 10... address to your machine using a 10... address.

If this doesn't help, post more info about your network, and the machines involved.

--Shaler

neil_w
Level 3
Not rebooting would be the ideal situation in an ideal world :)

A VPN is an interesting idea which I might look into but doesn't answer why VRE forgets which IP address it is supposed to use.

As a workaround, I've written a script which restarts all the VRE services on the remote machine a few minutes before the scheduled start of the replication. This sets VRE's IP address back to what I've set in the registery.

Tim_Jackson_2
Level 2
Could you post your script here for everybody?

I'm having the same problem too... months after it's been reported. This didn't seem to be in version 3.0.

Most times restarting the service does not fix the problem. I have to reboot the remote server.

neil_w
Level 3
Hi, Sorry about the delay - haven't checked back here for a while. Here's the script - just needs putting in Scheduled Tasks. It runs on a Win2003 server, no idea on compatibility with other versions of the Windows OS.


rem NeilW, midlandcomputers.co.uk 2005/04/22
rem Restart Replication server in case it's forgotten its IP again

rem run at 9.30pm

sc stop "RxRSA"
timeout 10
sc stop "RxASA"
timeout 5
sc stop "ENL"
timeout 5
sc start "ENL"
timeout 5
sc start "RxASA"
timeout 5
sc start "RxRSA"
timeout 5

Ryan_Heitz
Not applicable
Hi, is there any documentation available on using VRE behind NATing? I've checked the site and have not found anything. I'd like to find out more about how you configured your VRE to work through NATed firewalls. Thanks!

neil_w
Level 3
Here's what we do. The server is on a fixed non-NAT IP, all clients are behind NAT.

On CLIENT, enter regkeys:
HKEY_LOCAL_MACHINE\SOFTWARE\VERITAS\ENL\Network.TCPIP\GATEWAY (string)

HKEY_LOCAL_MACHINE\SOFTWARE\VERITAS\ENL\Network.TCPIP\PreferredAddress (string)


Open on client 20481,20483,20485 (tcp,udp) incoming (including port forwarding if necessary) and allow outgoing to RMS machine. Ensure ports are locked down to server's IP.