Comprehensive data protection for all workloads
Post Reply
NorthGuard
Service Provider
Posts: 107
Liked: 8 times
Joined: Jan 19, 2022 4:48 pm
Contact:

Audit my ports?

Post by NorthGuard »

All of my installs are configured as follows:
Backup device on separate network running B&R
Physical or VM on LAN network getting backed up to Backup device

The firewall is configured to pass specific ports from the backup network to the LAN and vice versa, and I would like to know if whether I need *all* of the ports that are listed below in each direction... or can I remove some? I know there is a very long and detailed kb article from Veeam outlining all of the ports, but I just want the absolute minimum that I need to be able to backup Windows servers?

BACKUP-TO-LAN
DCE-RPC ( 135 )
DNS
HTTPS
SMB
NFS - 1058-1065, 111, 2049, 2050
10005
10443
11731
2500-3000
445
6160-6163
6167
6173
6184
6185
6190
902

LAN-TO-BACKUP
NFS - 1058-1065, 111, 2049, 2050
10005
2500-3000
6160-6163
6184
HannesK
Product Manager
Posts: 14607
Liked: 2979 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: Audit my ports?

Post by HannesK »

Hello,
it depends what you do. The user guide has descriptions for all of your ports.

For example 135 is described as optional. If you don't use vPower NFS, you might not need NFS. 10005 looks like agent management. That one is only needed in one direction

2500-3000 can usually be reduced. The software starts using transmission channels at 2500 and increases the port number for each channel. If you have only few connections, less ports are fine.

Best regards,
Hannes
Post Reply

Who is online

Users browsing this forum: Bing [Bot] and 231 guests