In an environment with firewalls, the vCenter, ESX servers, Virtual Server Agent, and MediaAgent must be able to communicate with each other. To ensure that all components can communicate through the firewall, ensure that the ports for web services (default: 443) and TCP/IP (default: 902) are opened for communication on each of these machines.
The following ports must be opened:
Port |
Protocol |
Description |
From |
To |
---|---|---|---|---|
443 |
SSL |
The MediaAgent and VSA proxy communicate with the ESX server and vCenter through this port. |
MediaAgent and VSA proxy |
ESX server and vCenter |
902 |
VMware NFC |
The MediaAgent and VSA proxy communicate with the ESX server through this port. |
MediaAgent and VSA proxy |
ESX server |
If the MediaAgent and VSA proxy are deployed on different machines, open these ports on both machines.
For more information, see "Port Requirements" in System Requirements for Virtual Server Agent with VMware.
Additional Port Requirements for 3dnfs Services
When a firewall is used, you must open additional ports on the firewall for all components that are used for features based on the 3dnfs service, such as live mount.
Note
These additional ports are not required for live browse or live file recovery.
These settings are required in addition to normal Commvault firewall configuration. The following components require open ports:
-
ESX server used to mount the snapshot
-
MediaAgent that has backup data (where the 3dnfs service is running)
A File Recovery Enabler for Linux can serve as the MediaAgent for Linux VMs.
Note
If IPV6 support is enabled on the ESX server and the MediaAgent where 3dnfs is running, IPV6 will be used to communicate for browse and restore operations.
Port |
Protocol |
Description |
From |
To |
---|---|---|---|---|
2049 (TCP) |
NFS |
The 3dnfs server listens on this port for NFS remote procedure calls (RPCs). The ESX server connects to the 3dnfs server on this port. |
ESX server |
MediaAgent |
MediaAgent |
ESX server |
|||
111 (TCP+UDP) |
SUN RPC PortMapper |
This port is used by the ESX server to find the mount and NFS ports used by the MediaAgent. |
ESX server |
MediaAgent |
MediaAgent |
ESX server |
|||
User specified port (TCP) |
Mount |
The mount server runs on this port, and the ESX server mounts an NFS share using this port. In a firewalled environment, you must open a fixed port in the firewall. If no port is configured, a random port is used, and a different port might be used each time the service is restarted. |
ESX server |
MediaAgent |
MediaAgent |
ESX server |
Procedure
Open all of the following ports:
-
Open port 2049 for the TCP protocol.
-
Open a user defined mount3 port for the TCP protocol. Create the nMount3Port additional setting on the MediaAgent where the 3dnfs service is running and specify any free port number as the value. After creating the additional setting, restart services.
-
Open port 111 for both the TCP and UDP protocols.
Related Topics
For general information about Commvault network and port requirements, see the following pages: