Symantec Backup Exec Agent for Linux firewall issues

Source: Internet
Author: User

If you installed Symantec Backup Exec Agent for Linux on a UNIX or Linux installation, but you cannot access the Symantec Backup Exec Agent on the Symantec Backup Exec server, At this point you should first check whether the Symantec Backup Exec Agent service on UNIX or Linux is started. As shown below, you can confirm that the Symantec Backup Exec Agent service is started. If it does not start, you can execute the/etc/init.d/vrtsralus.init start command to start the service. (Note: For some reason, the original server name I will replace with Db-server)

[[Email protected] ~] # lsof-i tcp:10000
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
Beremote 3495 root 5u IPv4 13184 TCP *:ndmp (LISTEN)
[[Email protected] ~] # Ps-ef | grep beremote
Root 3495 1 0 Nov02? 00:00:09/opt/vrtsralus/bin/beremote
Root 5906 2573 0 12:02 pts/2 00:00:00 grep beremote

So next, let's see if we can telnet to the Linux server via port 10,000th, as shown below, the connection fails (Connection failed), then we can confirm that it is a firewall problem on Linux

If you want to confirm, you can temporarily shut down the Firewall service test (service iptables stop).

Then we need to configure the firewall, we need to use the following command to add the port number 10000

Iptables-a input-s <media Server ip>-D <unix Server ip>-P TCP--dport 10000-j ACCEPT

[[Email protected] ~] # iptables-a input-s 192.168.16.16-d 192.168.16.3-p tcp--dport 10000-j ACCEPT
[[Email protected] ~] # service Iptables Save
Saving firewall rules to/etc/sysconfig/iptables: [OK]
[[Email protected] ~] # service Iptables Restart
Flushing firewall rules: [OK]
Filter [OK]
Unloading iptables modules: [OK]
Applying iptables firewall rules: [OK]
Loading additional iptables Modules:ip_conntrack_netbios_ns ip_conntrack_ftp [OK]

The results continue to use the Telnet test, found that the problem persists, it is very puzzling, check iptables found the following information

[Email protected] ~]# More/etc/sysconfig/iptables
# Generated by Iptables-save v1.3.5 on Tue Nov 4 12:14:53 2014
*filter
: INPUT ACCEPT [0:0]
: FORWARD ACCEPT [0:0]
: OUTPUT ACCEPT [46,679:7,171,562]
: Rh-firewall-1-input-[0:0]
-A input-j Rh-firewall-1-input
-A input-s 192.168.16.16-d 192.168.16.3-p tcp-m tcp--dport 10000-j ACCEPT
-A forward-j Rh-firewall-1-input
-A rh-firewall-1-input-i lo-j ACCEPT
-A rh-firewall-1-input-p icmp-m ICMP--icmp-type any-j ACCEPT
-A rh-firewall-1-input-p esp-j ACCEPT
-A rh-firewall-1-input-p ah-j ACCEPT
-A rh-firewall-1-input-d 224.0.0.251-p udp-m UDP--dport 5353-j ACCEPT
-A rh-firewall-1-input-p udp-m UDP--dport 631-j ACCEPT
-A rh-firewall-1-input-p tcp-m tcp--dport 631-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 8080-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 8088-j ACCEPT
-A rh-firewall-1-input-m state--state related,established-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 21-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 22-j ACCEPT
-A rh-firewall-1-input-p tcp-m tcp--dport 5901-j ACCEPT
-A rh-firewall-1-input-p tcp-m tcp--dport 5902-j ACCEPT
-A rh-firewall-1-input-p tcp-m state--state new-m TCP--dport 1521-j ACCEPT
-A rh-firewall-1-input-j REJECT--reject-with icmp-host-prohibited
COMMIT
# completed on Tue Nov 4 12:14:53 2014

The Linux server version is Oracle Linux Server release 5.7, you need to modify the configuration of the red section above, configure it below, and then restart the Iptables service. Problem solving.

[[Email protected] ~] # service Iptables Restart
Flushing firewall rules: [OK]
Filter [OK]
Unloading iptables modules: [OK]
Applying iptables firewall rules: [OK]
Loading additional iptables Modules:ip_conntrack_netbios_ns ip_conntrack_ftp [OK]

Resources:

http://www.symantec.com/business/support/index?page=content&id=TECH68258

Symantec Backup Exec Agent for Linux firewall issues

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.