As part of the configuration for cascading network gateway connections, you must configure the computer that you want to use as the Commvault network gateway. The network gateway must be a computer in the perimeter network.
Since the perimeter network always receives connections from outside, the Commvault network gateway must communicate with the CommServe computer through tunnel connections initiated by the CommServe computer.
Before You Begin
-
The network gateway computer must meet the following hardware recommendations
Number of Clients
Regular, Authenticated, or Raw
Encrypted
< 1000 clients
2 CPU cores
1-GHz processor
16 GB RAM
2 CPU cores
1-GHz processor with
32 GB RAM
1000 clients to 5000 clients
2 CPU cores
1-GHz processor with
32 GB RAM
4 CPU cores
1-GHz processor with
32 GB RAM
> 5000 clients
4 CPU cores
1-GHz processor with
32 GB RAM
8 CPU cores
1-GHz processor with
32 GB RAM
-
You must install the File System core package on the network gateway server.
-
If you plan to use a predefined network topology, you must configure the topology before setting up the network gateway. See Configuring Cascading Network Gateway Connections Using Predefined Network Topologies.
Procedure
To set up the Commvault network gateway, complete Step A, Step B, and Step C, as follows:
Step A: Create a Placeholder Client
Before you install the Commvault software on the network gateway computer, you must create and configure a placeholder client for the network gateway.
-
From the CommCell Browser, expand Client Computers, and then click New Client > File System > [Windows or Unix].
-
In the New [Windows or Unix] Client window, enter a Client Name and Host Name for the network gateway computer. These details will also be used during your Commvault network gateway installation.
-
Click Next.
-
Confirm the information shown under Summary, and then click Finish.
Step B: Configure the Placeholder Client
Follow the steps that correspond to your network configuration:
Configuration steps for those who ARE using predefined network topologies
Add the placeholder client to the network gateway client group that you specified in the network topology.
-
From the CommCell Browser, expand Client Computer Groups, right-click the Network Gateway Client Group that resides near the Infrastructure Group, and then click Properties.
The Client Computer dialog box appears.
-
On the General tab, select the placeholder client (or clients) from the All clients list, click Include >, and then click OK.
Adding the placeholder clients to the proxy group automatically configures them as network gateway computers.
-
Specify the network port forwarder tunnel port as follows:
-
Click the Network button, select the Configure Network Route Settings check box, and then select the Advanced option.
-
On the Incoming Ports subtab, select the Override Default Tunnel Port check box, and then specify the network port forwarder tunnel port (default is 8403).
-
Click OK.
-
-
Push the network configuration on the Infrastructure Group that contains the CommServe and the Internal MediaAgents. For example:
-
From the CommCell Browser, right-click the CommServe, and then click All Tasks > Push Network Configuration.
-
When the Warning dialog box appears, click Continue.
A notification appears indicating that the push network operation was successful. Click OK to close the notification.
You are now ready to install the Commvault network gateway.
-
Configuration steps for those who ARE NOT using predefined network topologies
Configure the network settings on the placeholder client as follows:
-
From the CommCell Browser, expand Client Computers, right-click the new client_name, and then click Properties.
The Client Computer Properties dialog box appears.
-
Click Network.
The Network Properties for Client dialog box appears.
-
On the Network Route Configuration tab, select the Configure Network Route Settings check box.
-
Click Advanced, read the warning, and then click OK.
-
Configure the proxy as follows to allow the CommServe to initiate a connection to it:
-
Click Add.
-
In the From list, select the CommServe name.
-
In the State list, select RESTRICTED.
-
Click OK.
For information about the RESTRICTED setting, see Restricting or Blocking Connections.
-
-
If a MediaAgent is behind the Commvault network, configure it as follows:
-
Click Add.
-
In the From list, select the MediaAgent name.
-
In the State list, select RESTRICTED.
For information about the RESTRICTED setting, see Restricting or Blocking Connections.
-
-
On the Incoming Ports tab, in the Override default tunnel port box, set the incoming port number on which the Commvault proxy will listen for a connection request from the CommServe host, and then write it down so that you have it during the Commvault proxy installation.
The default tunnel port is the Commvault Communications (CVD) service port plus 3 (for example, 8403).
-
On the Options tab, select the This computer is in DMZ and will work as a proxy check box, and then click OK twice.
The placeholder client is now configured. The rest of the steps will configure the CommServe computer.
-
From the CommCell Browser, right-click the CommServe node, and then click Properties.
-
On the Network Route Configuration tab, select the Configure Network Route Settings check box, and on the Incoming Connections tab, click Add.
-
From the From list, select the Commvault proxy computer. From the State list, select BLOCKED. Click OK.
-
On the Outgoing Routes tab, click Add.
-
Select the Commvault proxy from the Remote Group/Client list.
-
For Route Type, select Direct, and for Tunnel Connection Protocol, select Regular.
-
Click OK.
-
From the CommCell Browser, right-click the CommServe node, and then click All Tasks > Push Network Configuration.
-
Click Continue to acknowledge the warning and proceed.
-
Click OK to close the network push notification.
-
Check the Event Viewer window to confirm that your network configuration was pushed successfully.
You are now ready to install the Commvault proxy.
Step C: Install the Commvault Software on the Network Gateway
During the installation, you need to specify a local tunnel port number that can be used by the CommServe computer to open tunnel connections towards the network gateway. Note that this is the same port configured in the following two procedures:
-
Step B: Configure the Placeholder Client > Configuration steps for those who ARE using predefined network topologies > Step 3 (see above).
-
Step B: Configure the Placeholder Client > Configuration steps for those who ARE NOT using predefined network topologies > Step 7 (see above) .
Note
If firewall is enabled on the network gateway, ensure that the CommServe and client computers can open connections to the tunnel port.