How communication happens when a host cannot directly connect to the primary server

In a demilitarized zone (DMZ), NetBackup clients may not be able to directly send requests (for certificate deployment and so on) to the primary server. The HTTP tunnel on the media server is used to accept the web service requests sent by the client hosts and forward them to the primary server. The configuration of the HTTP tunneling is automatic and no setup is required. The NetBackup client and the media server must be 8.1 or later for HTTP tunneling to work.

Irrespective of the certificate deployment security level that is set on the primary server, you require an authorization token to deploy a NetBackup CA-signed certificate on a host in a demilitarized zone.

See About the communication between a NetBackup client located in a demilitarized zone and a primary server through an HTTP tunnel.

How communication happens when a host cannot directly connect to the primary server

Feedback

Feedback