Correct so far. Now you need to configure the client to use VNETD.
I'll give you the step by step from the version I have running at the moment, 5.0MP4. In your GUI, navigate down through: Host Properties -> Master Server, then select your master on the right. Once the master info loads, right click on the master, and select Properties. In the properties window, select Client Attributes. In the window that opens, click "Add", type in the name of the client behind the firewall, and click OK. Now select the newly added client from the list, then on the right, put a "check" in "No connect-back", then "ok" your way out of everything....you do not need to restart the NBU daemons, even if you're prompted to. Then re-run your backup. This process will have to be done for every client you want to backup behind a firewall. Paul -- > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Dave Lowenstein > Sent: August 24, 2006 6:58 PM > To: veritas-bu@mailman.eng.auburn.edu > Subject: [Veritas-bu] vnetd question > > > I'm trying to make sure that netbackup 5.1 will work through > a firewall > with minimal ports being opened. > > What ports need to be open on the firewall if filtering by > destination port: > > Media >> Client > 13782 (bpcd) > > Client >> Media > 13724 (vnetd) > > If the client needs to run user backups/restores, then the following > port will also need to be opened: > Client >> Master > 13720 (bprd) > > > Right? So I'm testing this out between two hosts with some > more liberal > firewall rules than above. Backups are working fine, restores are > working fine. > > I believe I have all the vnetd stuff set correctly, although > every piece > of documentation I find shows a slightly different gui interface than > what I'm seeing. > > Why am I still seeing it talking back and forth between media > server and > client with randomly selected destination ports (like 852 and 811)? > There's also a fair amount of icmp going on back and forth > between the > two, which I'd like to be able to close down. > > > > client -> server TCP D=13724 S=852 Ack=392120625 Seq=931198138 > Len=0 Win=49680 > client -> server TCP D=13724 S=852 Push Ack=392120625 > Seq=931198138 Len=2 Win=49680 > server -> client TCP D=852 S=13724 Ack=931198140 > Seq=392120625 Len=0 Win=33118 > server -> client TCP D=852 S=13724 Push Ack=931198140 > Seq=392120625 Len=2 Win=33120 > client -> server TCP D=13724 S=852 Ack=392120627 > Seq=931198140 Len=0 Win=49680 > client -> server TCP D=13724 S=852 Push Ack=392120627 > Seq=931198140 Len=2 Win=49680 > server -> client TCP D=852 S=13724 Ack=931198142 > Seq=392120627 Len=0 Win=33120 > client -> server TCP D=13724 S=852 Push Ack=392120627 > Seq=931198142 Len=21 Win=49680 > server -> client TCP D=852 S=13724 Push Ack=931198163 > Seq=392120627 Len=33 Win=33120 > client -> server TCP D=13724 S=852 Ack=392120660 > Seq=931198163 Len=0 Win=49680 > client -> server TCP D=811 S=13782 Push > Ack=1618165286 > Seq=912667687 Len=2 Win=49680 > server -> client TCP D=13782 S=811 Ack=912667689 > Seq=1618165286 Len=0 Win=34500 > > > _______________________________________________ > Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu > http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu >
==================================================================================== La version française suit le texte anglais. ------------------------------------------------------------------------------------ This email may contain privileged and/or confidential information, and the Bank of Canada does not waive any related rights. Any distribution, use, or copying of this email or the information it contains by other than the intended recipient is unauthorized. If you received this email in error please delete it immediately from your system and notify the sender promptly by email that you have done so. ------------------------------------------------------------------------------------ Le présent courriel peut contenir de l'information privilégiée ou confidentielle. La Banque du Canada ne renonce pas aux droits qui s'y rapportent. Toute diffusion, utilisation ou copie de ce courriel ou des renseignements qu'il contient par une personne autre que le ou les destinataires désignés est interdite Si vous recevez ce courriel par erreur, veuillez le supprimer immédiatement et envoyer sans délai à l'expéditeur un message électronique pour l'aviser que vous avez éliminé de votre ordinateur toute copie du courriel reçu.
_______________________________________________ Veritas-bu maillist - Veritas-bu@mailman.eng.auburn.edu http://mailman.eng.auburn.edu/mailman/listinfo/veritas-bu