Network ports used by the Backup & Disaster Recovery appliance
Infrascale Backup & Disaster Recovery (IBDR) appliance is designed to function behind a firewall. To ensure its proper operation, you must open the network ports as per sections that follow.
Between the appliance and the internet
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 122 | TCP | Appliance to support-svc.infrascale.comAppliance to support2-svc.infrascale.com | Technical support tunnel. Allows the Support team to access the appliance remotely for troubleshooting. |
| 443 | TCP | Appliance to services-svc.infrascale.comAppliance to secure.sosonlinebackup.comAppliance to pr.pusg2-d-0.infrascale.comAppliance to pr.pukg0-d-0.infrascale.comAppliance to pr.pcag0-d-0.infrascale.com | Registration. Required to register appliance in the Dashboard during the initial configuration. |
| Â | Â | Appliance to license-svc.infrascale.comAppliance to licapi-svc.infrascale.com | Licensing. Allows validation of the appliance’s license on a daily basis. |
| Â | Â | Appliance to update-svc.infrascale.com | Software updates. Allows the appliance to download firmware updates (never installed automatically). |
| Â | Â | Appliance to sr.pusg2-d-0.infrascale.comAppliance to uip.pusg2-d-0.infrascale.comAppliance to sr.pukp0-d-0.infrascale.comAppliance to uip.pukg0-d-0.infrascale.comAppliance to sr.pcag0-d-0.infrascale.comAppliance to uip.pcag0-d-0.infrascale.comAppliance to sr.inf-us-ut-1.myinfrascale.netAppliance to uip.inf-us-ut-1.myinfrascale.netAppliance to sr.inf-uk-tor-1.myinfrascale.netAppliance to uip.inf-uk-tor-1.myinfrascale.netAppliance to sr.inf-ca-nhm-1.myinfrascale.netAppliance to uip.inf-ca-nhm-1.myinfrascale.net | Remote access from the Dashboard. Allows for accessing the appliance directly from the Dashboard. If needed, you can turn this on or off later in the Management Console of the appliance. |
| Â | Â | Appliance to cm.sosonlinebackup.com | Sending monitoring events to the Dashboard. Allows for centralized monitoring of backups and health of the appliance in the Dashboard. |
| Â | Â | Appliance to files.sosonlinebackup.com | Sending boot verification screenshots to the Dashboard. Allows for centralized monitoring and review of boot verification results in the Dashboard. |
|  |  | Appliance to backend.pusg2-d-0.infrascale.comAppliance to backend.pukg0-d-0.infrascale.comAppliance to backend.pcag0-d-0.infrascale.comAppliance to storage.googleapis.comAppliance to oauth2.googleapis.com | Replication. Allows for sending the encrypted backup data to the cloud 1. |
Â
Between the appliance and a protected machine
In Windows, these ports are opened automatically during installation of the DR backup agent.
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 49152–65535 | TCP | Client machine to appliance | DR image backup (NBD transport) |
| 9101, 9102, 9103, 9104, 9105 | TCP | Appliance to client machine | Basic appliance communication |
| 9102 | UDP | Client machine to appliance | Appliance auto-discovery |
| 139, 445 | TCP | Client machine to appliance | DR image backup (Samba ports) |
| 135, 137, 138 | UDP | Client machine to appliance | DR image backup (Samba ports) |
| 80 | TCP | Client machine to appliance | Diagnostic information |
In a Unix-like operating system, you also have to open the following ports:
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 22 | TCP | Appliance to client machine | SSH-based management |
| 873 | TCP | Appliance to client machine | rsync daemon port |
Between the appliance and VMware vCenter Server or an ESXi host
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 443, 902 | TCP | Appliance to VMware vCenter Server or an ESXi host | VMware VM backup |
Between the appliance and an administrative machine
An administrative machine is a machine used to access the appliance via the Management Console or by other means.
| Port | Protocol | Direction | Purpose |
|---|---|---|---|
| 80, 443 | TCP | Administrative machine to appliance | Access to the Management Console of the appliance |
| 22 | TCP | Administrative machine to appliance | SSH-based management of the appliance (optional) |
- This traffic may not be monitored using the network traffic inspection tools due to high volume. You may choose not to open these ports in the standalone setups or in the environments with peer-to-peer replication to another appliance at the same data center.Â
