4 4 3 Tigon:List of Ports Used by SEP sesam

From SEPsesam
Jump to: navigation, search
Other languages:
Deutsch • ‎English
Copyright © SEP AG 1999-2020. All rights reserved.

Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.

Docs latest icon.png Welcome to the latest SEP sesam documentation version 4.4.3 Tigon/4.4.3 Beefalo V2. For previous documentation version(s), check Documentation archive.


Overview

SEP sesam client-server communication requires certain TCP ports to be open to enable SEP sesam components to communicate with each other through a firewall. Daemons are specific to the SEP sesam Client/SEP sesam Server/RDS installation and are using different port numbers.

The ports required may be SEP sesam version-specific. As of version ≥ 4.4.3 Beefalo, SEP sesam uses fewer ports per default than in the previous versions:

Ensure that all required ports are available on the system for SEP sesam daemons and that they are not blocked by a firewall; these ports may not be assigned to another service. If the required ports are not available, SEP sesam will not function correctly.

Additionally, you might need to open relevant network ports to ensure communication between SEP sesam Server or SEP sesam data mover and additional modules, e.g., VMware vSphere, NDMP, etc. For the list of module-related ports, see below section Module-related ports.

Used default ports in version ≥ 4.4.3 Beefalo

If a firewall is used, then only the following TCP ports must be allowed for SEP sesam backup in versions ≥ 4.4.3 Beefalo.

Component/Description Direction Source port Destination port Protocol Configuration in GUI
SEP sesam Server
SMSSH: Encrypted command execution on the client outbound random 11322 TCP/SSH Client properties -> Access Mode -> select SMSSH
Backup data over HTTP inbound random 11000 TCP/HTTP Client properties -> Interfaces -> enter <http://hostname:11000>
SEP sesam Client
SMSSH: Encrypted command execution on the client inbound random 11322 TCP/SSH Client properties -> Access Mode -> select SMSSH
Backup data over HTTP outbound random 11000 TCP/HTTP Client properties -> Interfaces -> enter <http://hostname:11000>
SEP sesam Remote Device Server
SMSSH: Encrypted command execution on the client inbound random 11322 TCP/SSH Client properties -> Access Mode -> select SMSSH
Backup data over HTTP inbound random 11000 TCP/HTTP Client properties -> Interfaces -> enter <http://hostname:11000>

SEP sesam full ports list

The following is the full list of ports used by SEP sesam.

Port numbers for SEP sesam Server

Port number Description Configuration in GUI/Example
11301 CTRL: Unencrypted command execution on the client Client properties -> Access Mode -> select CTRL
11322 SMSSH: Encrypted command execution on the client Client properties -> Access Mode -> select SMSSH
11001 Data over FTP Client properties -> Interfaces -> enter <hostname>
11000 Data over HTTP Client properties -> Interfaces -> enter <http://hostname>
11443 Data over HTTPS Client properties -> Interfaces -> enter <https://hostname>
11002-11007 Port range for 3 parallel data transfers via FTP Client properties -> Options tab -> Firewall Settings -> enter port range in STPD options
11701+drive number Replication and source-side deduplication (SDS) port For example:
  • If you replicate from dedup drive 2 (source) to the RDS drive 5 (target), the port is 11703 (daemon on the machine with drive 2).
  • If you replicate from dedup drive 5 (source) to the RDS drive 2 (target), the port is 11706 (daemon on the machine with drive 5).
11401 GUI/WEB UI (RMI) listen port
11402 GUI/WEB UI (RMI) DB listen port
11403 GUI/WEB UI (RMI) HTTP listen port
Information sign.png Note
For external backups (BSR, SAP, Informix, MaxDB ...), the client must always be able to reach the SEP sesam Server via ports 11000 (for HTTP backups) and 11001 (for FTP backups), and not only the RDS. This must be taken into account in the firewall rules.

Port numbers for SEP sesam Remote Device Server

Port number Description Configuration in GUI/Example
11301 CTRL: Unencrypted command execution on the client Client properties -> Access Mode -> select CTRL
11322 SMSSH: Encrypted command execution on the client Client properties -> Access Mode -> select SMSSH
11001 Data over FTP Client properties -> Interfaces -> enter <hostname>
11000 Data over HTTP Client properties -> Interfaces -> enter <http://hostname>
11443 Data over HTTPS Client properties -> Interfaces -> enter <https://hostname>
11002-11007 Port range for 3 parallel data transfers via FTP Client properties -> Options tab -> Firewall Settings -> enter port range in STPD options
11701+drive number Replication and source-side deduplication (SDS) port For example:
  • If you replicate from dedup drive 2 (source) to the RDS drive 5 (target), the port is 11703 (daemon on the machine with drive 2).
  • If you replicate from dedup drive 5 (source) to the RDS drive 2 (target), the port is 11706 (daemon on the machine with drive 5).
Additional ports for SEP sesam Remote Device Server with GUI
11401 GUI/WEB UI (RMI) listen port
11402 GUI/WEB UI (RMI) DB listen port
11403 GUI/WEB UI (RMI) HTTP listen port

Port numbers for SEP sesam Client

Port number Description Configuration in GUI/Example
11301 CTRL: Unencrypted command execution on the client Client properties -> Access Mode -> select CTRL
11322 SMSSH: Encrypted command execution on the client Client properties -> Access Mode -> select SMSSH
11001 Data over FTP Client properties -> Interfaces -> enter <hostname>
11000 Data over HTTP Client properties -> Interfaces -> enter <http://hostname>
11443 Data over HTTPS Client properties -> Interfaces -> enter <https://hostname>
11002-11007 Port range for 3 parallel data transfers via FTP Client properties -> Options tab -> Firewall Settings -> enter port range in STPD options

Port numbers for SEP sesam GUI

Port number Description Configuration in GUI/Example
11401 GUI/WEB UI (RMI) listen port
11402 GUI/WEB UI (RMI) DB listen port
11403 GUI/WEB UI (RMI) HTTP listen port
Additional ports for SEP sesam GUI with SEP sesam Client
11301 CTRL: Unencrypted command execution on the client Client properties -> Access Mode -> select CTRL
11322 SMSSH:: Encrypted command execution on the client Client properties -> Access Mode -> select SMSSH
11002-11020 Port range for 3 parallel data transfers via FTP Client properties -> Options tab -> Firewall Settings -> enter port range in STPD options

Module-related ports

The following tables shows the required network ports used for communication (connection or data transfer) between SEP sesam Server or SEP sesam data mover and extra modules.

Port numbers for VMware vSphere

From To Description Port number Protocol
SEP sesam Server vSphere (vCenter/ESXi) Connection to vCenter Server or ESXi server 443 HTTPS/TCP
SEP sesam data mover vSphere (vCenter/ESXi) Connection to vCenter Server or ESXi server 443 HTTPS/TCP
SEP sesam data mover ESXi server Data transfer to ESXi host 902 TCP

Port numbers for Citrix XenServer

From To Description Port number Protocol
SEP sesam data mover Citrix XenServer Connection to Citrix XenServer 443 HTTPS/TCP
SEP sesam data mover Citrix XenServer Required for backups with CBT 10809 HTTPS/TCP

Port numbers for NDMP

From To Description Port number Protocol
SEP sesam data mover NDMP server Data transfer between components 1000 NDMP

Port numbers for HPE StoreOnce

From To Description Port number Protocol
SEP sesam Server HPE StoreOnce Default command port; for communication with HPE StoreOnce 9387 TCP
SEP sesam Server HPE StoreOnce Default data port; for communication with HPE StoreOnce 9388 TCP