Backing up servers in DMZ

chvgms · ‎12-21-2010

Hi,

I have couple of servers in DMZ that needs to be backedup by BESR 2010. I have the clients installed and able to backup for quite sometime. The below are the ports that were opened on the Firewall for the server to agent communication for backup as i have restricted the dcom ports to 5001-5020 on the backup server as suggested in http://www.symantec.com/business/support/index?page=content&id=TECH54862. Since last couple of months the sever is trying to communicate on different ports resulting in failures. Can someone let me know are there any other ports that needs to be added apart from below?

137 (inbound and outbound TCP and UDP)

· 138 (inbound and outbound UDP)

· 139 (inbound and outbound TCP)

· 5001-5020 (TCP & UDP, Inbound and Outbound)

Thanks,

Sridhar

Markus_Koestler · ‎12-21-2010

Afaik this are the only ports when you don't use a BESR 2010 Management solution.

You could you post one of those error messages ?

chvgms · ‎12-21-2010

when i try to connect to those machines from BESR console, it ends up in poping up a window to enter user name and password of the target machine which will fail even after entering the correct credentials.

But when i check the FW logs, i can see couple of ports getting blocked. Enabling those ports will allow to connect to the server.

I have found the below article which says to enable ports from 50001-5100 and creating separate FW rules. Currently all the ports have been enabled in a single rule.

http://www.symantec.com/business/support/index?page=content&id=TECH55824

Thanks,

Sridhar

Markus_Koestler · ‎12-21-2010

Hm, at least the document says it only applicable for BESR 6.5, 7, 8 and 8.5 but not for 9.0 (aka 2010). You might call Symantec to confirm that this also applies to BESR 2010.

Markus_Koestler · ‎01-13-2011

Any updates here ?

Markus_Koestler · ‎02-02-2011

Any updates here ?

Markus_Koestler · ‎02-25-2011

Any news here ?

VOX

Backing up servers in DMZ