Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.

error ( Cannot Connect On Socket )

Created: 26 Jul 2013 • Updated: 05 Aug 2013 | 12 comments
This issue has been solved. See solution.
Hey Everybody,
 
I was working on a Issue,
The error ( Cannot Connect On Socket ) occurs while trying communicate a Client from Master server.
Checked BPCD logs and test the connectivity b/w client and master, which is not happening.
 
Found that "Windows Firewall" service is running on the server. Now by disabling the Firewal this issue could get resolved.
But my concern is ( as Firewall is used to protect the server from virus or any harmful objects ). Why we have to Disable it ?
Why NBU connection failed when server is Behind firewll ? Why can not we take backup along with Firewall Enabled ?
Operating Systems:
Discussion Filed Under:

Comments 12 CommentsJump to latest comment

RamNagalla's picture

you can make a connection when firewall is on..

but you need to add the netbackup ports to the firewall excepsssion list..(1556,13782,13724)

by default window firewall does not keep the ports in excepsssion list, becasue it does not know about it..

where ever there is any port requirement for any application that is the admin task to add them in excepstion list

trun on the firewall.. add the ports in excepstion list and check the comminication..

SOLUTION
Marianne's picture

Why we have to Disable it ?

Because it blocks all port connection - including NetBackup.

If you can tell Windows Firewall to allow comms on port 1556 (PBX) and vnetd (13724) it won't be necessary to disable it completely.

If NBU server and clients are on the same internal network and protected from external threats by the Company firewall, there is actually no need for individual firewalls.

Supporting Storage Foundation and VCS on Unix and Windows as well as NetBackup on Unix and Windows
Handy NBU Links

Vickie's picture

Thanks Nagalla & Marianne,

But How can we check if the ports are listed in exception port at Firewall end?

Is there any commmand we can use or any GUI method to get confirmed as Ports are blocked ?

How to make sure about it ? So that I can reach out to concern team to make the changes.

 

Vickie's picture
Hi Nagalla, thnks for sharing the link. But this is for windows2003, and the client server is windows 2008. 
If you have any link for windows2008 which can help to get the Firewall Exception Port list, please share.
 
I checked and found some rules in advance setting of Firewall. But Port number was not clearly mentioned there, there were service names mentioned like Remote Desktop Server not the Ports.
Marianne's picture

Please! This is a NetBackup forum.

Windows Firewall is a Microsoft product. Best to speak to your Windows Admin team or else post in a Microsoft forum.

All we can tell you from NBU point of view is which ports are needed for server/client comms.
You now need to go with this information to the admins of that firewall to open up ports.

Supporting Storage Foundation and VCS on Unix and Windows as well as NetBackup on Unix and Windows
Handy NBU Links

RamNagalla's picture

agreed with Marianne.

please talk with your windows admin to get them add in firewall exception 

you can google if you are looking for win 2008

Vickie's picture
Thanks Marianne & Nagalla for your assistance
 
You guys says it well, I must go to Microsoft forum for issue or information regarding Microsoft product.
 
I just wanted to get confirmed from NBU end, as yes the Ports are not open for Communication. Is "telnet <client name> <port number>" the only way by which we can be sure about Port is not open.
 
RamNagalla's picture

i believe.. telnet is may be one of the ways.. not only way...

you can always check with the respective teams(network, OS) for more ways to find it.. :-)

Marianne's picture

telnet is certainly taking NBU out of the equation.

Yes, if telnet does not work, you need to talk with OS/security admins.

Supporting Storage Foundation and VCS on Unix and Windows as well as NetBackup on Unix and Windows
Handy NBU Links

Vickie's picture
Thanks Nagalla & Marianne,
 
Issue resolved after listing the ports in firewall exception list
epsilon22222's picture

Running the built command "bptestbpcd" would also assist you with this.

Generally found in: <install path>/netbackup/bin/admincmd/bptestbpcd

Typical command you can run using this:

bptestbpcd -host <hostname> -verbose

http://www.symantec.com/business/support/index?page=content&id=HOWTO43696

Obviously, the server would have to have connectivity for this command to demonstrate its connection attempts, otherwise it will give you an error.