How to configure client backup,which was behind firewall
Updated: 29 Oct 2010 | 9 comments
This issue has been solved. See solution.
we have netbackup 6.5 installed (Master server and media server) in the same network.
Now we need to take backup of the client which was in different network(seperated by firewall)
We have enabled the netbackup ports in the firewall.
Now the client was able to communicate with server(pinging,telnet)
But from server side it is not communicating.
Please provide the solution.
discussion Filed Under:
Comments
Firewall ports
Can you confirm what ports were opened and was the port opening uni-directional or bidirectional?
bpcd 13782/tcp bprd
bpcd 13782/tcp
bprd 13720/tcp
vnetd 13724/tcp
vopied 13783/tcp
bpdbm 13721/tcp
bpjobd 13723/tcp
bpjava-msvc 13722/tcp
NB_dbsrv 13785/tcp
vmd 13701/tcp
tldcd 13711/tcp
tl8cd 13705/tcp
tl4d 13713/tcp
tlmd 13716/tcp
tlhcd 13717/tcp
acsd 13702/tcp
Also does bpclntcmd work from
Also does bpclntcmd work from the client and the media/master server
bpclntcmd: -sv
bpclntcmd: -pn
bpclntcmd: -self
bpclntcmd: -hn <hostname>
bpclntcmd: -server <NBU master>
bpclntcmd: -ip <ipaddress>
bpclntcmd: -gethostname
Thanks for responding,Ports
Client OS and Media Master server OS
Hi Isat,
Whats the OS running on the Client server and the master/media server. If the client is running Linux is xinetd running on there. If yes have you added the relevant services to hosts.allow?
edit /usr/openv/netbackup/bp.conf to include the line:
ALLOW_NON_RESERVED_PORTS = yes
If the file /etc/hosts.allow exists then these entries will need to be appended to it:
bpcd: 10.
vopied: 10.
bprd: 10.
vnetd: 10.
The ports are sufficient for client backups to work if you want to be secure.
13720
13721
13724
netstat -a | grep bpcd
bpcd is the daemon that listens for netbackup requests. It must be running.
telnet <client> bpcd
Check for firewall, or if netbackup itself is closing the connection.
Host Properties -> Master Servers -> right-click hambck01 and select 'Properties'
Select Firewall, click Add, enter hostname, click Add then Close. Client will be added to the bottom of the list. Select the new client, and change the attributes to match the other clients, ie:
Select Connect Options tab, and in BPCD connect back, select 'VNETD port'
In Ports, select 'Connect on non-reserved port'
Daemon Connection - 'VNETD port'
Can you confirm if this works after using the above steps.
Client and media,master
Client and media,master servers are running on windows 2003 OS
Port usage guide
Check the port usage guide.
ftp://exftpp.symantec.com/pub/support/products/NetBackup_Enterprise_Server/276504.pdf
actually it's this link
ftp://exftpp.symantec.com/pub/support/products/NetBackup_Enterprise_Server/281623.pdf
VERITAS NetBackup™
Port Usage
UNIX, Windows, and Linux
(apparently it hasn't changed from 6.0)
master -> 6.0 client
vnetd/13724
6.0 client -> master
vnetd/13724
~ Bill
Firewall ports uni-directiona or bi-directional?
You didnt confirm if the ACL's were applied uni-directional or bi-directional if it was Uni-directional then can you get them changed to bi-directional for the ports 13720 13721 and 13724.
Would you like to reply?
Login or Register to post your comment.