> Documentation > Backup and Restore Agents > Backup Agents > NDMP > Configuration

Configuring a Firewall Between a File Server and MediaAgent

When the file server and MediaAgent are separated by a firewall, define the ports for transferring data between the two machines.

If file servers are backed up to a MediaAgent library (such as a disk library or a SAN-attached tape library), then a range of ports must be open on the MediaAgent to receive the incoming data connections from the file servers.

  • UNIX MediaAgents: The number of open ports must be greater than or equal to the combined number of parallel NDMP data streams expected on the MediaAgent.

  • Microsoft Windows MediaAgents: We recommend that the number of open ports be greater than or equal to the combined number of parallel NDMP data streams expected on the MediaAgent. (However, if needed, you can have fewer open ports than the combined number of parallel streams because ports free up quickly after the data connection is established.)

For example if two NDMP subclients use the same MediaAgent at the same time, and each subclient is configured to use four data readers, then configure at least eight open incoming ports on the MediaAgent.

Before You Begin

Verify the port for the NDMP control connection is open in the firewall. The port for the NDMP control connection is set when an NDMP agent is added.

Note

Typically, port 10000 is used for the NDMP control connection. If the file server was configured to use a different port number, you must configure the NDMP protocol under the NAS client to use that port number. Also, each MediaAgent that runs jobs or is used for configuring the file server must be able to connect to the file server on the configured NDMP control connection port.

To view the port used for NDMP control connection of a NAS client, go to NDMP properties and check the value for Listen port.

Procedure

  1. In the CommCell Browser, expand Storage Resources > MediaAgents.

  2. Right-click the MediaAgent associated to the storage policy used for backups of the file server and then click Properties.

  3. Click Network.

  4. Click Network Route Configuration > Incoming Ports.

  5. In the From and To boxes, click to select the range of port numbers that you want to allow and then click Add.

    The specified port ranges appear in the Additional Open Ports box.

  6. To specify more ports, select a new range of port numbers and then click Add.

  7. When you are finished adding ports, click OK.

  8. In the CommCell Browser, right-click the same MediaAgent, point to All Tasks, and then click Push Network Configuration.

    The specified ports are pushed to the MediaAgent and used to transfer data between the MediaAgent and file server.

Loading...