I am currently working on the firewall settings, and yesterday I tried to create the rules I need for an Active Directory object restore. My configuration was looking like this:

domain controller wi01:
firewall currently switched off (I know it's bad)

veeam-Server:
outbound traffic is allowed

So I tried to restore a group policy which I had deleted before, and I wasn't able to do the restore. I ran Wireshark on the domain controller and found out that during the restore the DC establishes some TCP connections to the veeam-server (maybe also some UDP connections, but I didn't look too closely at it). If I take a look at the official documentation https://helpcenter.veeam.com/docs/backup/vsphere/used_ports.html?ver=95#ad, I cannot see a section where you should allow traffic from DCs to the veeam-server.
So I created a rule to allow all the traffic from DCs to the veeam-server and now it's working, but of course it would be nice to only allow the needed ports and protocols.
Maybe I didn't clearly understand the documentation so it would be nice to get a clarification here - thank you!