V11 SP8
Loading...

Firewall Configurations for the Web Server

If there is a firewall between the Web Server and other CommCell components, you must update your configurations to allow communication between the components.

This configuration is useful if the Web Server computer is in a cloud or a private network.

If you want to review the port numbers used by the Web Server and Web Console, see Network TCP Port Requirements.

Connecting the Web Server and the Web Console

If a firewall is placed between the Web Server and Web Console computer, see Configuring Access to the Web Server Using TPPM.

Connecting the Web Server and the CommServe Computer

If a firewall is placed between the Web Server and the CommServe computer, you must configure the firewall to allow traffic between the two computers.

About This Task

  • Setting static ports is recommended because lost communication can occur if dynamic ports are used when the SQL Server instance is restarted.
  • Configuring the communication between the Web Server and CommServe computer requires updating connection parameters in the ODBC Data Source Administrator. For instructions on how to use the ODBC Data Source Administrator, consult the Microsoft documentation.

Procedure

  1. Set static listener ports on the SQL Server instance of the CommServe database.

    For more information, consult the Microsoft TechNet article "Configure a Server to Listen on a Specific TCP Port (SQL Server Configuration Manager)".

  2. Set up connectivity to your static listener ports:
    • To route ODBC connection requests through a network proxy using Commvault firewall settings, complete the steps in Configuring Third-Party Connections Between Client Computers providing the following details:
      • Source client: The Web Server computer.
      • Source port: Any port that you want to set as a third-party port (preferably the same as the destination port). This port will be defined in the outgoing route tppm=[Local_port] of the firewall configuration file.
      • Destination client: The CommServe computer.
      • Destination port: The static listening port that you set on the SQL Server instance.
    • To configure a Windows firewall, consult Microsoft's TechNet article "Configure the Windows Firewall to Allow SQL Server Access".
    • To configure a hardware-based firewall device, consult the manufacturer's documentation.
  3. Update the connection parameters in the ODBC Data Source Administrator:
    • If you configured a network proxy using Commvault firewall settings, do the following:
      1. Access the Web Server computer.
      2. In the ODBC Data Source Administrator dialog box, on the System DSN tab, select the cvcs_commserv system data source and then click Configure.
      3. On the Microsoft SQL Server DSN Configuration page, click With Windows NT authentication using the network login ID and then click Client Configuration.
      4. On the Edit Network Library Configuration dialog box, modify the Server name to be 127.0.0.1\Commvault, and then clear the Dynamically determine port check box to enter the port number that you specified as the source port.

        Note: The source port number can be found in the outgoing route tppm=[Local_port] of the firewall configuration file.

    • If you configured a Windows firewall or a hardware-based firewall device, do the following:
      1. On the System DSN tab of the ODBC Data Source Administrator dialog box, select the cvcs_commserv system data source and then click Configure.
      2. On the Microsoft SQL Server DSN Configuration page, click With Windows NT authentication using the network login ID and then click Client Configuration.
      3. On the Edit Network Library Configuration dialog box, clear the Dynamically determine port check box to enter the static port number.