CommVault Forums

Solving Forward - Solving Together
Welcome to CommVault Forums Sign in | Join | Help
in

Simpana proxy multiple IP?

Last post 07-29-2013, 4:59 AM by Higgi. 4 replies.
Sort Posts: Previous Next
  • Simpana proxy multiple IP?
    Posted: 07-25-2013, 10:35 AM

    Hi

    I have a proxy which has two NICs

    The external facing nic is communicating with the commserve out over public network and is tunnelled to a single port - this seems to be working OK.

    The proxy however does not seem to be listening to the same port on it's other internal IP so when I try and run install of client and tell it to talk to proxy on the tunnel port the proxy does not respond.

    I am guessing I need the proxy to listen to the same port set in "incoming ports" on both it's IP addresses?

    If so how to I bind the listener to the other IP so it's listening both externally and internally?

    I should mention also that the client is behind another firewall with a limnted range of open ports which includes the port for the tunnel from commserve to proxy.

    Or am I getting this totally mixed up?

  • Re: Simpana proxy multiple IP?
    Posted: 07-25-2013, 12:27 PM

    The proxy server should listen on all IP addresses by default.  You can test this by running a telnet to that port using the internal IP address.

     

    Most of the time, it's just because of the confusing nature of the firewall setup.

     

    Here's the link to the books online article you'll want the "one way firewall" config

    http://documentation.commvault.com/hds/release_9_0_0/books_online_1/english_us/prod_info/features.htm?var1=http://documentation.commvault.com/hds/release_9_0_0/books_online_1/english_us/features/firewall/firewall_new.htm

     

     

    It's a bit confusing but if you follow the directions implicitely you should be able to get it to work.  You may need to configure a decoupled client so that the firewall config will get automatically pushed to it when it connections.  

     

    Check your fwd.log file and post the results, my guess is the client doesn't have the tunnel defined.

  • Re: Simpana proxy multiple IP?
    Posted: 07-26-2013, 5:10 AM

    Thanks for the response

    Using netstat on the machine running the proxy to check ports/interfaces and it shows that the commvault process is only listening on the defined port on one of the two NICS in the machine - the external one.

    In the configuration we have with a DMZ we need the proxy to listen on both internal public facing IP and internal facing IP so both backend machines (internally) and the commserve (externally) can communicate directly with the proxy.

  • Re: Simpana proxy multiple IP?
    Posted: 07-28-2013, 11:41 PM

    Hi Higgi,

    By default CV should listen on all adapters. There are some registry keys and file system hooks that force us to listen only on certain interfaces.

    Search the registry for sBindToInterface and check for the file IPsToBind.txt in the base directory. These are the two most common ways to lock down which interfaces to listen on. If you like, you can post up the CVD.log and CVFWD.log files from the firewall proxy for us to take a quick look.

  • Re: Simpana proxy multiple IP?
    Posted: 07-29-2013, 4:59 AM

    Hi

    I managed to get this resolved. The issue was that I was trying to use a client computer group to push the firewall configuration out to the proxy rather than doing it directely from the machine.

     

    When I changed the firewall configuration onto the machine itself and then pusehd out from commserve I can now see the listener bound to both interfaces and all is working fine

     

    Thanks for your input guys,

The content of the forums, threads and posts reflects the thoughts and opinions of each author, and does not represent the thoughts, opinions, plans or strategies of CommVault Systems, Inc. ("CommVault") and CommVault undertakes no obligation to update, correct or modify any statements made in this forum. Any and all third party links, statements, comments, or feedback posted to, or otherwise provided by this forum, thread or post are not affiliated with, nor endorsed by, CommVault.
CommVault, CommVault and logo, the “CV” logo, CommVault Systems, Solving Forward, SIM, Singular Information Management, Simpana, CommVault Galaxy, Unified Data Management, QiNetix, Quick Recovery, QR, CommNet, GridStor, Vault Tracker, InnerVault, QuickSnap, QSnap, Recovery Director, CommServe, CommCell, SnapProtect, ROMS, and CommValue, are trademarks or registered trademarks of CommVault Systems, Inc. All other third party brands, products, service names, trademarks, or registered service marks are the property of and used to identify the products or services of their respective owners. All specifications are subject to change without notice.
Close
Copyright © 2014 CommVault | All Rights Reserved. | Legal | Privacy Policy