IBM Support

Open communication ports required by IBM Tivoli Storage Manager for Virtual Environments 6.4

Question & Answer


Question

Which ports must be open in the firewall when installing Tivoli Storage Manager for Virtual Environments 6.4?

Cause

The following table identifies the ports that are accessed by Tivoli Storage Manager for Virtual Environments 6.4:

Answer

TCP Port

Initiator: Out-Bound (From Host)Target: In-Bound (To Host)
443
vStorage Backup Server
vCenter Server (secure HTTP)
443
Data Protection for VMware vCenter plug-in Server (eWAS)vCenter Server
902

443
vCenter Server
ESXi hosts
902

443
vStorage Backup Server (proxy)ESXi hosts (all protected hosts)
1500
(tcpport)
vStorage Backup Server (proxy)
Tivoli Storage Manager Server
1500
(tcpadminport)
Data Protection for VMware vCenter plug-in Server (eWAS)
  • 1500 (tcpadminport) is non-SSL communication
  • For SSL communication, tcpadminport is the only port that supports SSL communication with the Tivoli Storage Manager server. The correct port number to use for the SSL protocol is typically the value specified by the ssltcpadminport option in the Tivoli Storage Manager server dsmserv.opt file. However, if adminonclient no is specified in the dsmserv.opt file, then the correct port number to use for the SSL protocol is the value specified by the ssltcpadminport option. The ssltcpadminport option does not have a default value. Therefore, the value must be specified by the user.
Tivoli Storage Manager Server
1501

1581
(httpport)
Tivoli Storage Manager servervStorage Backup Server
  • Backup-Archive client scheduler
  • Web client
  • Client Acceptor Daemon
1581
(httpport)

1582, 1583
(webports)
Data Protection for VMware vCenter plug-in Server (eWAS)vStorage Backup Server
9080
vSphere ClientData Protection for VMware vCenter plug-in Server (eWAS)
22
Linux Data Protection for VMware Recovery AgentData Protection for VMware Windows "mount" host
  • SSH for Linux Data Protection for VMware Recovery Agent
3260
Linux Data Protection for VMware file-level recoveryData Protection for VMware Windows "mount" host
  • iSCSI
3260
Windows target with Dynamic disk for file-level recoveryData Protection for VMware Windows "mount" host
  • iSCSI


Overview diagram:
ve_ports.jpgve_ports.jpg



Tip: When all of the following conditions exist:
  • The datamover is installed on a virtual machine within the same (under) a network demilitarized zone (DMZ) where other virtual machines are located.
  • No permission exists to open a port from the vCenter to the Tivoli Storage Manager server.
  • Port 31501 is open from the Tivoli Storage Manager server to the vCenter (TCPPORT 31501).

The following errors are returned during a scheduled backup vm operation (schedmode prompted):
ANS1017E
ANS9020E
ANS5216E

To resolve these errors, install the data mover on (outside) the DMZ.

[{"Product":{"code":"SS8TDQ","label":"Tivoli Storage Manager for Virtual Environments"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Data Protection for VMware","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"6.4","Edition":"All Editions","Line of Business":{"code":"LOB26","label":"Storage"}}]

Document Information

Modified date:
17 June 2018

UID

swg21625297

Page Feedback