Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  3. Veritas NetBackup™ Administrator's Guide, Volume I
  5. Section II. Configuring hosts
  7. Enabling support for NAT clients and NAT servers in NetBackup
  9. Important notes
Veritas NetBackup™ Administrator's Guide, Volume I

Important notes

Review the following notes while you enable support for NAT hosts in NetBackup.

  • Replication target host should be reachable from the source media server.

  • Deduplication from the media server in a public network to a private network is not supported, however the reverse is supported.

  • Optimized duplication does not work for communication between a NAT media server and a media server in a public network. This is because the deduplication engine does not support a reverse connection.

    However, if a NAT host is used as a replication target host for both media servers, optimized duplication works.

  • In case of Windows platform, ensure that the 8dot3 name file setting is enabled for the volume where NetBackup master server software will be installed. The fsutil command is used to enable the required file setting.

    Refer to the following article: Fsutil 8dot3name

  • You must provide an authorization token during NetBackup certificate deployment on a NAT host, irrespective of the certificate deployment security level that is set on the master server. This is required because the master server cannot resolve the client host name that is part of the certificate deployment request to the NAT device's IP address from which the request appears to be coming.

  • Automatic host ID-to-host name mapping is disabled for NAT hosts. A NAT host should be referenced in backup policies and NetBackup commands using the host name that is already mapped to its host ID. The initial hostname mappings are established for a host during NetBackup certificate deployment or external certificate enrolment. If you want a NAT host to use an alternative name for connection, you have to manually map the required host names using the Host Management node.

  • In a NetBackup domain that comprises application hosts such as SharePoint, Microsoft Exchange server, or Application Clusters, the application host name or data availability group (DAG) name may be different than the one that is used during NetBackup installation. In some cases the Fully Qualified Domain Name (FQDN) of the host is used during NetBackup installation. Therefore, connection between the NetBackup server and the client (or application host) may fail. To resolve this issue, map both the names of the NetBackup client using the Host Management node.

For more details on the security certificates and certificate deployment levels, refer to the NetBackup Security and Encryption Guide.

Feedback

Was this page helpful?
Previous

About NAT support in NetBackup

Next

Workflow to enable NAT hosts in NetBackup domain

Feedback

Was this page helpful?