Configuring the Clients to Communicate with the CommServe Computer and MediaAgents Through the Port-Forwarding Gateway

You must configure the network connections that the clients should establish with the CommServe and MediaAgent computers. This configuration is necessary to enable backup and restore operations on the clients.

Key configurations in this procedure:

• Incoming connections from the CommServe and MediaAgent computers are Blocked.

  

• Outgoing routes are configured through the gateway.

Before You Begin

• You must have configured the CommServe computer and MediaAgents to recognize the client connections through the port-forwarding gateway.

• Any additional destination port specified in the outgoing connection routes of the client must also be defined in the incoming port list of the CommServe and MediaAgent computers.

Procedure

1. From the CommCell Browser, expand Client Computers, right-click the client, and then click Properties > Network.

2. On the Network Route Configuration tab, select Configure Network Route Settings, then the Advanced option. Click OK to acknowledge the warning and continue.

3. Click Add to enter the CommServe computer connection details.

   1. In From, select the name of the CommServe computer that is behind the gateway.

   2. In State, select BLOCKED (since the CommServe does not open connections toward the client), and then click OK.

4. Click Add to specify the MediaAgent connection details.

   1. In From, select the name of the MediaAgent computer behind the gateway.

   2. In State, select BLOCKED (since the MediaAgent does not open connections towards the client), and then click OK.

5. Click the Outgoing Routes tab, then click Add to specify the outgoing connection route from this client towards the CommServe computer.

6. Select the CommServe computer from the Remote Group/Client list, and then select Port Forwarding under Route Type.

   Note

   If you want to enable encryption and authentication for tunnel connections, locate the Tunnel Connection Protocol section, and then click Encrypted.

   In the Port Forwarder Hostname and Port Forwarder Tunnel Port boxes, specify the hostname and port through which you can reach the CommServe. For example, in the diagram on the Port-Forwarding Gateway page, hostname gateway.company.com and port number 443 are used.

   Note

   If you want to configure additional destination ports, make sure that these ports are also defined on the CommServe. Then you can establish mappings between those ports on the CommServe and the ports on the gateway that the client will connect to. Under Additional destination port mapping, enter the incoming gateway port in the PF Port box and the mapping destination port in the Destination Port box. Click Add to add the port mapping. For details, see Opening Additional Ports.

   The ports must be within the range of 1024 to 65000. Make sure the ports you specify are not used by other applications.

7. Click OK.

8. Click Add again to specify the outgoing connection route from this client towards the MediaAgent.

   1. Select the MediaAgent computer from the Remote Group/Client list.

   2. Select Port Forwarding under Route Type.

   3. Select Force all data (along with the control) traffic into the tunnel to force the data traffic into the tunnel.

   4. If you want to enable encryption and authentication for tunnel connections, locate the Tunnel Connection Protocol section, and then click Encrypted.

9. Provide the following port forwarding settings:

   1. In the Port Forwarder Hostname box, enter the hostname through which you can reach the CommServe. In the example shown above, it is gateway.company.com.

   2. In the Port Forwarder Tunnel Port box, specify the port through which the MediaAgent can be reached. In the diagram on the Port-Forwarding Gateway page, the port number is 444.

      Note

      If you want to configure additional destination ports, make sure that these ports are also defined on the MediaAgent, then you can establish mappings between those ports on the MediaAgent and the ports on the gateway which the client will connect to. Under Additional destination port mapping, specify the incoming gateway port in the PF Port box and the mapping destination port in the Destination Port box. Click Add to add the port mapping.

      The ports must be within the range of 1024 to 65000. Ensure that the ports you specify are not used by other applications.

   3. Click OK.

10. In the CommCell Browser, right-click the client name, and then click All Tasks > Push Network Configuration.

11. Read the warning, click Continue, and then click OK.

12. From the CommCell Browser, right-click the client, and then click All Tasks > Check Readiness.

    Confirm the results shown in the Client Connectivity dialog box. If the client computer does not pass the readiness check, verify your settings and revise them as required. If you verified the settings and the client is not ready, see the connectivity information in Configuring Network Routes - Troubleshooting.