In an environment with firewalls, the vCenter, ESX servers, Virtual Server Agent, and Backup Gateway must be able to communicate with each other. To ensure that all components can communicate through the firewall, ensure that the ports for web services (default: 443) and TCP/IP (default: 902) are opened for communication on each of these machines.
The following ports must be opened:
|
Port |
Protocol |
Description |
From |
To |
|---|---|---|---|---|
|
443 |
SSL |
The Backup Gateway and VSA access node communicate with the ESX server and vCenter through this port. |
Backup Gateway and VSA access node |
ESX server and vCenter |
|
902 |
VMware NFC |
The Backup Gateway and VSA access node communicate with the ESX server through this port. |
Backup Gateway and VSA access node |
ESX server |
If the Backup Gateway and VSA access node are deployed on different machines, open these ports on both machines.
Port Requirements for 3dnfs Services
When a firewall is used, you must open additional ports on the firewall for all components that are used for features based on the 3dnfs service, such as live mount.
Note
These additional ports are not required for live browse or live file recovery.
These settings are required in addition to normal Commvault firewall configuration. The following components require open ports:
-
ESX server used to mount the snapshot.
-
Backup Gateway that has backup data (where the 3dnfs service is running). A Linux access node can serve as the Backup Gateway for Linux VMs.
Note
If IPV6 support is enabled on the ESX server and the Backup Gateway where 3dnfs is running, IPV6 will be used to communicate for browse and restore operations.
The following ports must be opened:
|
Port |
Protocol |
Description |
From |
To |
|---|---|---|---|---|
|
2049 (TCP) |
NFS |
The 3dnfs server listens on this port for NFS remote procedure calls (RPCs). The ESX server connects to the 3dnfs server on this port. |
ESX server |
Backup Gateway |
|
Backup Gateway |
ESX server |
|||
|
111 (TCP and UDP) |
SUN RPC PortMapper |
This port is used by the ESX server to find the mount and NFS ports used by the Backup Gateway. |
ESX server |
Backup Gateway |
|
Backup Gateway |
ESX server |
|||
|
User specified port (TCP) |
Mount |
The mount server runs on this port, and the ESX server mounts an NFS share using this port. Create the nMount3Port additional setting on the Backup Gateway where the 3dnfs service is running and specify any free port number as the value. After creating the additional setting, restart services. In a firewalled environment, you must open a fixed port in the firewall. Else, a random port will be used each time the service is restarted. |
ESX server |
Backup Gateway |
|
Backup Gateway |
ESX server |