Chat now with support
Chat with Support

NetVault 12.4 - Administration Guide

Introduction Getting started Configuring clients Managing catalog search Configuring storage devices
About storage devices SAN considerations Quest DR Series systems Quest QoreStor NetVault SmartDisk EMC Data Domain Systems Snapshot Array Manager Virtual Tape Libraries Virtual standalone drives Shared Virtual Tape Libraries Physical tape devices Storage tiers
Backing up data Managing policies Restoring data Managing NetVault Backup dashboard Managing jobs Monitoring logs Managing storage devices
Role-based access to manage storage devices Monitoring device activity Managing disk-based storage devices in list view Managing disk-based storage devices in tree view Managing the Snapshot Array Manager Managing tape libraries in list view Managing tape libraries in tree view Managing tape drives in list view Managing tape drives in tree view Adding shared devices
Managing storage media Managing user and group accounts Monitoring events and configuring notifications Reporting in NetVault Backup Working with client clusters Configuring default settings for NetVault Backup
About configuring default settings Configuring encryption settings Configuring plug-in options Configuring default settings for post-scripts Configuring default settings for Verify Plug-in Configuring Deployment Manager Settings Configuring Job Manager settings Configuring Logging Daemon settings Configuring Media Manager settings Configuring Network Manager settings Configuring Process Manager settings Configuring RAS device settings Configuring Schedule Manager settings Configuring Web Service settings Configuring Auditor Daemon settings Configuring firewall settings Configuring general settings Configuring security settings Synchronizing NetVault Time Configuring the reporting utility Configuring NetVault Backup WebUI default settings Configuring NetVault Backup to use a specific VSS provider Configuring default settings using Txtconfig
Diagnostic tracing Managing diagnostic data Using the deviceconfig utility NetVault Backup processes Environment variables Network ports used by NetVault Backup Troubleshooting
Common errors Safe Mode in NetVault Backup

Adding multiple clients

When adding clients to NetVault Backup Server, only an MSP administrator can use the following procedure to add multiple MSP clients at the same time.

1
In the Navigation pane, click Guided Configuration, and then on the NetVault Configuration Wizard page, select the Install Software/Add Clients option.
2
On the Machines to Be Added as Clients page, , next to Machines, click the add (+) icon, and select a method for adding the deployment targets.
3
In the Add Machines window, on the Machine Details tab, enter the following details based on your method selection.

By FQDN or IP

To manually add the deployment targets, select this method.

On the Machine Details tab, specify the FQDN or IP address of the client.

Click Next.

From Active Directory

To select machines from an Active Directory Domain, select this method.

On the AD Details tab, provide the following details:

AD Server Address: Type the host name or IP address of the Active Directory Server.
User Name: Specify a Domain Account that is in the local Administrators group of all target machines.
Password: Specify the password for the user account.

Optionally, if you want NetVault Backup to remember the password for this user name, select Save Credential.

Click Connect.

In the list of Active Directory Objects, select the target machines, and click Next.

From a file

To import the target list from a file, select this method.

In the Add machines from file dialog box, click Select a file. After selecting the file in the browse window, click OK to upload the file.

For more information about the file format, see File format for specifying deployment targets.

Installation Settings

On the Installation Settings tab, provide the NetVault Backup password.

If no NetVault Backup password is set for the client, specify the administrator password for the machine.

Click Next.

Client Settings

On the Client Settings tab, provide the following details:

Client Description: Type a descriptive text for the client.
Client Group: To add the client to one or more client groups, select the corresponding check boxes.

Click Next.

Firewall Settings

If the client resides on a network that is outside the firewall, select the Client is Outside Firewall check box on the Firewall Settings tab, and provide the TCP/IP port specifications. For more information about these settings, see About firewall settings.

Click Verify to check connectivity to the clients. If any errors are reported, click Edit, and modify the applicable installation parameters.

About firewall settings

Firewall settings are required to communicate with NetVault Backup Clients that reside outside the firewall. MSP administrator and tenant administrator can use these settings to specify the TCP/IP ports for establishing data transfer channels, message channels, and broadcast channels through the firewall.

MSP administrator and tenant administrator can configure the firewall settings when deploying or adding a client, or update these settings from the Change Settings page. MSP administrator and tenant administrator can also use the NetVault Backup WebUI to configure the firewall settings for new or existing clients.

Common firewall ports must used by all the tenant administrators, where same settings must be made for all the client machines.

The following table provides a brief description of the firewall settings.

Listen ports for devices

Ports to listen on for device requests.

Configure this option on the NetVault Backup machines that have a locally attached device (for example, NetVault Backup Server or NetVault Backup Clients with SmartClient licenses).

Requirement: Two ports per drive.

Connect ports for devices

Ports that plug-ins use to connect to remote storage devices.

Configure this option on clients that connect to remote devices.

Requirement: Two ports per drive.

Listen ports for NetVault Backup message channels

Ports for receiving messages during data transfers.

Configure this option on both the NetVault Backup Server and the Client. NetVault Backup requires a two-way connection between the Server and the Client for message channels.

Requirement: Three ports per client.

To run two or more plug-ins simultaneously on a client, configure two ports per plug-in and an extra port per client. For example, to run two plug-ins simultaneously, configure (2 * 2) + 1 = 5 ports for a client.

Connect ports for NetVault Backup message channels

Ports for sending messages during data transfers.

Configure this option on both the NetVault Backup Server and the Client. NetVault Backup requires a two-way connection between the Server and the Client for message channels.

Requirement: Three ports per client.

To run two or more plug-ins simultaneously on a client, configure two ports per plug-in and an extra port per client. For example, to run two plug-ins simultaneously, configure (2 * 2) + 1 = 5 ports for a client.

Connect ports for NDMP control channels

Ports for sending NDMP messages (NDMP control channels).

Configure this option on the NetVault Backup Server (on which the plug-in is installed) when a firewall separates an NDMP filer and the NetVault Backup Server.

By default, NetVault Backup uses port number 10000. You can change it, if necessary.

Listen ports for NDMP data channels

Ports to listen on for NetVault Backup devices operating as NDMP movers.

Configure this option on the NetVault Backup Server or Client to which the device is attached. These ports are used for data transfers between the NDMP filer and storage device when a firewall separates the two networks.

Connect ports for inter-machine setup

Ports for establishing initial contact (broadcast channels) while adding a NetVault Backup Client, and later to ascertain its availability.

Requirement: Two ports per client.

You can use the following formats to specify the ports or port ranges for data channels, message channels, and broadcast channels:

IMPORTANT:  

For more information, see the following sections:

Firewall filtering rules

When creating firewall rules on the server and client machines, make sure that you open the following ports to send and receive traffic from NetVault Backup.

Server

Client

TCP

Connect ports for inter-machine connection setup specified on the NetVault Backup Server

20031

Client

Server

TCP

Connect ports for inter-machine connection setup specified on the NetVault Backup Clients

20031

Server

Client

TCP

Connect ports for message channels specified on NetVault Backup Server

Listen Ports for Message Channels specified on the NetVault Backup Clients

Client

Server

TCP

Listen ports for message channels specified on the NetVault Backup Clients

Connect Ports for Message Channels specified on the NetVault Backup Server

Server

Client

UDP

20031

20031

Client

Server

UDP

20031

20031

Server

Client

TCP

Listen ports for devices specified on the NetVault Backup Server and Clients

Connect ports for devices specified on the NetVault Backup Clients

Client

Server

TCP

Connect ports for devices specified on NetVault Backup Clients

Listen ports for devices specified on NetVault Backup Server and Clients

Firewall configuration example

This example illustrates the network port requirements for a NetVault Backup system with the following configuration:

Server (with locally attached storage device)

Connect ports for inter‑machine connection setup

Minimum two ports per client

24

50300-50323

Connect ports for NetVault Backup message channels

Minimum three ports per client

40

50200-50239

Listen ports for devices

Minimum two ports per drive

12

50100-50111

Client

Connect ports for inter‑machine connection setup

Minimum two ports per client

(These ports can be the same as the ports specified on the server side.)

24

50300-50323

Listen ports for NetVault Backup message channels

Minimum three ports per client

40

50500-50539

Connect ports for devices

Minimum two ports per drive

12

50400-50411

The following table illustrates the firewall filtering rules for this system.

Server

Client

TCP

50300-50323

20031

Client

Server

TCP

50300-50323

20031

Server

Client

TCP

50200-50237

50500-50537

Client

Server

TCP

50500-50537

50200-50237

Server

Client

UDP

20031

20031

Client

Server

UDP

20031

20031

Server

Client

TCP

50100-50111

50400-50411

Client

Server

TCP

50400-50411

50100-50111

Related Documents