Firewall properties
The Firewall properties describe how the selected master servers and media servers connect to legacy services running on that NetBackup host.
Servers are added to the host list of the Firewall properties. To configure port usage for clients, see the Client Attributes properties.
The Firewall dialog box contains the following properties.
Table: Firewall dialog box properties
Property | Description |
|---|
Default connect options | By default, NetBackup selects firewall-friendly connect options under Default connect options. However, the default options can be set differently for individual servers under Attributes for selected Hosts. By default, the firewall settings are configured to require the fewest possible ports to be open. These properties correspond to the DEFAULT_CONNECT_OPTIONS configuration option. To change the default connect options for the selected server, click . Click to change the . Change the Firewall properties in the Default Connect Options dialog box. If is selected as the , the setting is not applicable. If is selected as the , is always used regardless of the value of the Ports setting. |
Hosts list | To change the default connect options for any host name, add the host name to the host list. Servers do not automatically appear on the list. option Click to add a host entry to the host list. A host must be listed before it can be selected for configuration. option Click to add the listed hosts (along with the specified properties) to all hosts that are selected for host property configuration. (That is, the hosts that are selected upon opening the Host Properties.) option Select a host name in the list, then click to remove the host from the list.
|
Attributes for selected hosts | Connect options can be configured for individual servers. These properties correspond to the CONNECT_OPTIONS configuration option. |
BPCD connect back | This property specifies how daemons are to connect back to the NetBackup Client daemon (BPCD) as follows: (An option for individual hosts) Use the methods that are specified under Default connect options. NetBackup randomly chooses a free port in the allowed range to perform the traditional connect-back method. This method requires no connect-back. The Veritas Network Daemon (vnetd) was designed to enhance firewall efficiency with NetBackup during server-to-server and server-to-client communications. The server initiates all bpcd socket connections. Consider the example in which bpbrm on a media server initially connects with bpcd on a client. The situation does not pose a firewall problem because bpbrm uses the well-known PBX or vnetd port.
|
Ports | Select whether a reserved or non-reserved port number should be used to connect to the host name: (An option for individual hosts) Use the methods that are specified under Default attributes. Connect to the host name by a reserved port number. Connect to the host name by a non-reserved port number.
|
Daemon connection port | This option only affects connections to NetBackup 7.0 and earlier. For connections to NetBackup 7.0.1 and later, the veritas_pbx port is used. If configuring connections for NetBackup 7.0 and earlier, select the method to use to connect to the server: (An option for individual hosts) Use the methods that are specified under Default connect options. The daemons on the server are connected to by vnetd if possible. If it is not possible to use vnetd, the daemon's traditional port number makes the connection. The daemons on the server are connected to by vnetd only. Select this property if your firewall rules prevent connections to the server by the traditional port number. The daemons on the server are connected to by the traditional port number only.
If is selected as the Daemon connection port, the setting is not applicable. If is selected as the Daemon connection port, is always used regardless of the value of the Ports setting. |
Defaults | Set property settings back to the defaults. |
