Hello!
We have two zones: A and B. Veeam server is in zone A. Version of Veeam B&R is 7.0.0.839.
There is Cisco ASA between zones. All necessary ports are open for the Veeam.
We have an error with backup job server in zone B (Exchange 2013).
Unable to subscribe to guest processing components: RPC function call failed. Function name: [IsSnapshotInProgress]. Target machine: [172.18.0.2]. RPC error:Сервер RPC недоступен. Code: 1722.
Unable to create snapshot (Microsoft Software Shadow Copy provider 1.0) (mode: Veeam application-aware processing). Details: Failed to prepare guests for volume snapshot.
Error: Failed to prepare guests for volume snapshot.
Also on ASA we see that Veeam try to connect to Exchange Server on port tcp/7026, tcp/6267 and this denied by ASA.
Is it normal that Veeam use these ports?
Thanks.
-
Zhilenko Ivan
- Novice
- Posts: 3
- Liked: never
- Joined: Mar 19, 2014 9:33 am
- Full Name: Zhilenko Ivan
- Contact:
-
foggy
- Veeam Software
- Posts: 21139
- Liked: 2141 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: Veeam uses not default ports (Exchange 2013)
Ivan, haven't you changed the default dynamic RPC port range on this VM by any chance? Just a thought.
-
Zhilenko Ivan
- Novice
- Posts: 3
- Liked: never
- Joined: Mar 19, 2014 9:33 am
- Full Name: Zhilenko Ivan
- Contact:
Re: Veeam uses not default ports (Exchange 2013)
No, we just Install Exchange 2013 on this server.
Key from registry
Key from registry
Code: Select all
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc]
"UuidSequenceNumber"=dword:01bcf674
"DCOM Protocols"=hex(7):6e,00,63,00,61,00,63,00,6e,00,5f,00,69,00,70,00,5f,00,\
74,00,63,00,70,00,00,00,00,00
"DisableTcpLoopbackToNpfsMapping"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\ClientProtocols]
"ncadg_ip_udp"="rpcrt4.dll"
"ncacn_ip_tcp"="rpcrt4.dll"
"ncacn_np"="rpcrt4.dll"
"ncacn_http"="rpcrt4.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Extensions]
"RemoteRpcDll"=hex(2):52,00,70,00,63,00,52,00,74,00,52,00,65,00,6d,00,6f,00,74,\
00,65,00,2e,00,64,00,6c,00,6c,00,00,00
"NdrOleExtDll"=hex(2):63,00,6f,00,6d,00,62,00,61,00,73,00,65,00,2e,00,64,00,6c,\
00,6c,00,00,00
"TrustRidDll"=hex(2):6c,00,6f,00,67,00,6f,00,6e,00,63,00,6c,00,69,00,2e,00,64,\
00,6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy]
"Enabled"=dword:00000001
"ValidPorts"="UAC-GP-EX001:593;UAC-GP-EX001:49152-65535"
"AllowAnonymous"=dword:00000001
"WebSite"="Exchange Back End"
"ValidPorts_AutoConfig_Exchange"="localhost:6001;UAC-GP-EX001:6001;UAC-GP-EX001.UAC-GP.RU:6001"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\SecurityService]
"10"="sspicli.dll"
"16"="sspicli.dll"
"14"="schannel.dll"
"9"="sspicli.dll"
"68"="netlogon.dll"-
foggy
- Veeam Software
- Posts: 21139
- Liked: 2141 times
- Joined: Jul 11, 2011 10:22 am
- Full Name: Alexander Fogelson
- Contact:
Re: Veeam uses not default ports (Exchange 2013)
Then I suggest contacting support for closer look at your environment. Using these ports looks to be unexpected.
-
Zhilenko Ivan
- Novice
- Posts: 3
- Liked: never
- Joined: Mar 19, 2014 9:33 am
- Full Name: Zhilenko Ivan
- Contact:
Re: Veeam uses not default ports (Exchange 2013)
We try to check ports by commands
netsh
interface
ipv4
show dynamicportrange tcp
and see that start port is 6005. After that we change ASA rules and all work fine.
netsh
interface
ipv4
show dynamicportrange tcp
and see that start port is 6005. After that we change ASA rules and all work fine.
Who is online
Users browsing this forum: No registered users and 7 guests