Hello @Michal Osewski, Could you please share the FwConfig.txt contents from commvault installation base folder of any AIX client to see how this is configured.Â
Also, please share the network summary contents from any of the client machine Client > Properties > Network Configuration > network summary tab and share the snips/contents.
Hello,
Below Network Summary from AIX_client and AIX_client2 clients. Both of these AIX servers have connection attempts.
Â
=================================
AIX_client:
"# WARNING! This file is automatically generated! Do not make any changes
1. to this file, instead edit firewall settings in the Java GUI, or, if you
2. would like to make manual adjustments, put them into FwConfigLocal.txt
/general]
keepalive_interval00
tunnel_init_interval0
force_incoming_https=0
lockdown=1
proxy=0
bind_open_ports_only=0
- This section describes tunnel server port and the list of additional
- incoming ports that may be open and used to set up efficient data transfer
pincoming]
tunnel_ports03
1. This section describes outgoing routes
poutgoing]
AIX_client FREL1 remote_guid.10C3F3-3FA5-4629-B6BE-F47471DFAAAC type=passive
AIX_client client1 remote_guidc99DF0C-F4FC-4637-9311-C1BABA912EA6 type=passive
AIX_client client2 remote_guidI780CF1-9259-4B86-90D1-61C6BC2BD015 type=passive
AIX_client cs1_DRbackup remote_guidD5EE41-66CC-4DE3-B5B8-3EA69D1B16EA type=persistent proto=httpsa cvfwdźK-CS1.url.address.pl:8408 extraports00-8699
AIX_client cs2_DRbackup remote_guid8CEA52A-0CD7-4010-B1EB-A4E2C549D467 type=persistent proto=httpsa cvfwdźK-CS2.url.address.pl:8408 extraports00-8699
AIX_client FREL2 remote_guidś8DDAAC-022E-4E9C-A830-B7A8BBB95431 type=passive
AIX_client MediaAgent1 remote_guidî9312FD-A143-465C-9FDE-5A71C2004C86 type=passive
AIX_client MediaAgent2 remote_guidA9AC1B-2171-48E9-B639-099BF4BB9955 type=passive
AIX_client cs1 proxyźk-cs01_DR remote_guidNEEBA0C-6B7E-4A81-AFF3-18E6B9069F94
AIX_client cs1 proxyźk-cs02_DR remote_guidNEEBA0C-6B7E-4A81-AFF3-18E6B9069F94"
AIX_client2:
"# WARNING! This file is automatically generated! Do not make any changes
1. to this file, instead edit firewall settings in the Java GUI, or, if you
2. would like to make manual adjustments, put them into FwConfigLocal.txt
xgeneral]
keepalive_interval00
tunnel_init_interval0
force_incoming_https=0
lockdown=1
proxy=0
bind_open_ports_only=0
- This section describes tunnel server port and the list of additional
- incoming ports that may be open and used to set up efficient data transfer
tunnel_ports03
1. This section describes outgoing routes
Â
Âoutgoing]
AIX_client2 FREL1 remote_guid.10C3F3-3FA5-4629-B6BE-F47471DFAAAC type=passive
AIX_client2 client1 remote_guidc99DF0C-F4FC-4637-9311-C1BABA912EA6 type=passive
AIX_client2 client2 remote_guidI780CF1-9259-4B86-90D1-61C6BC2BD015 type=passive
AIX_client2 cs1_DRbackup remote_guidD5EE41-66CC-4DE3-B5B8-3EA69D1B16EA type=persistent proto=httpsa cvfwdźK-CS01.url.address.pl:8408 extraports00-8699
AIX_client2 cs2_DRbackup remote_guid8CEA52A-0CD7-4010-B1EB-A4E2C549D467 type=persistent proto=httpsa cvfwdźK-CS02.url.address.pl:8408 extraports00-8699
AIX_client2 FREL2 remote_guidś8DDAAC-022E-4E9C-A830-B7A8BBB95431 type=passive
AIX_client2 MediaAgent1 remote_guidî9312FD-A143-465C-9FDE-5A71C2004C86 type=passive
AIX_client2 MediaAgent2 remote_guidA9AC1B-2171-48E9-B639-099BF4BB9955 type=passive
AIX_client2 cs1 proxyźk-cs01_DR remote_guidNEEBA0C-6B7E-4A81-AFF3-18E6B9069F94
AIX_client2 cs1 proxyźk-cs02_DR remote_guidNEEBA0C-6B7E-4A81-AFF3-18E6B9069F94"
=================================
Â
I have asked the customer to extract the FwConfig.txt file from the AIX servers - as soon as I get it I will include it in the next message.
Â
Regards,
Michał
Â
Â
Hello,
I paste the FWConfig log from AIX server (AIX_client) which regularly reports unsuccessful connections.
Â
=================================
# WARNING! This file is automatically generated! Do not make any changes
# to this file, instead edit firewall settings in the Java GUI, or, if you
# would like to make manual adjustments, put them into FwConfigLocal.txt
pgeneral]
keepalive_interval=300
tunnel_init_interval=30
force_incoming_https=0
lockdown=1
proxy=0
bind_open_ports_only=0
# This section describes tunnel server port and the list of additional
# incoming ports that may be open and used to set up efficient data transfer
/incoming]
tunnel_ports=8403
# This section describes outgoing routes
/outgoing]
AIX_client cs1 remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94 type=persistent proto=httpsa cvfwd=cs1.url.address.pl:8403 extraports=8600-8699 fallback=1
AIX_client cs1 proxy=cs1 remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94 fallback=1
AIX_client cs1 remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94 type=passive fallback=1
AIX_client cs1 proxy=FREL1 remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94 fallback=1
AIX_client cs1 proxy=MediaAgent2 remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94 fallback=1
AIX_client cs1 proxy=FREL2 remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94 fallback=1
AIX_client cs1 proxy=client3 remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94 fallback=1
AIX_client cs1 proxy=MediaAgent1 remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94 fallback=1
AIX_client FREL1 remote_guid=2E10C3F3-3FA5-4629-B6BE-F47471DFAAAC type=persistent proto=httpsa cvfwd=172.xx.176.x1:8403 extraports=8600-8699 fallback=1
AIX_client FREL2 remote_guid=B68DDAAC-022E-4E9C-A830-B7A8BBB95431 type=persistent proto=httpsa cvfwd=172.xx.176.x3:8403 extraports=8600-8699 fallback=1
AIX_client MediaAgent1 proxy=FREL1 remote_guid=EE9312FD-A143-465C-9FDE-5A71C2004C86 fallback=1
AIX_client MediaAgent1 proxy=client3 remote_guid=EE9312FD-A143-465C-9FDE-5A71C2004C86 fallback=1
AIX_client MediaAgent1 proxy=cs1 remote_guid=EE9312FD-A143-465C-9FDE-5A71C2004C86 fallback=1
AIX_client MediaAgent1 proxy=MediaAgent1 remote_guid=EE9312FD-A143-465C-9FDE-5A71C2004C86 fallback=1
AIX_client MediaAgent1 proxy=MediaAgent2 remote_guid=EE9312FD-A143-465C-9FDE-5A71C2004C86 fallback=1
AIX_client MediaAgent1 proxy=FREL2 remote_guid=EE9312FD-A143-465C-9FDE-5A71C2004C86 fallback=1
AIX_client MediaAgent1 remote_guid=EE9312FD-A143-465C-9FDE-5A71C2004C86 type=persistent proto=httpsa cvfwd=MediaAgent1.url.address.pl:8403 extraports=8600-8699 fallback=1
AIX_client MediaAgent2 proxy=MediaAgent2 remote_guid=9AA9AC1B-2171-48E9-B639-099BF4BB9955 fallback=1
AIX_client MediaAgent2 remote_guid=9AA9AC1B-2171-48E9-B639-099BF4BB9955 type=persistent proto=httpsa cvfwd=MediaAgent2.url.address.pl:8403 extraports=8600-8699 fallback=1
AIX_client MediaAgent2 proxy=FREL1 remote_guid=9AA9AC1B-2171-48E9-B639-099BF4BB9955 fallback=1
AIX_client MediaAgent2 proxy=FREL2 remote_guid=9AA9AC1B-2171-48E9-B639-099BF4BB9955 fallback=1
AIX_client MediaAgent2 proxy=client3 remote_guid=9AA9AC1B-2171-48E9-B639-099BF4BB9955 fallback=1
AIX_client MediaAgent2 proxy=MediaAgent1 remote_guid=9AA9AC1B-2171-48E9-B639-099BF4BB9955 fallback=1
AIX_client MediaAgent2 proxy=cs1 remote_guid=9AA9AC1B-2171-48E9-B639-099BF4BB9955 fallback=1
AIX_client client3 remote_guid=8A719966-6C8B-41FE-8882-55F0A20BDC54 type=persistent proto=httpsa cvfwd=client3.url.address.pl:8403 fallback=1
AIX_client client3 remote_guid=8A719966-6C8B-41FE-8882-55F0A20BDC54 type=passive fallback=1
AIX_client FREL1 remote_guid=2E10C3F3-3FA5-4629-B6BE-F47471DFAAAC type=passive
AIX_client client1 remote_guid=6399DF0C-F4FC-4637-9311-C1BABA912EA6 type=passive
AIX_client client2 remote_guid=49780CF1-9259-4B86-90D1-61C6BC2BD015 type=passive
AIX_client cs1_DRbackup remote_guid=0CD5EE41-66CC-4DE3-B5B8-3EA69D1B16EA type=persistent proto=httpsa cvfwd=cs1.url.address.pl:8408
AIX_client cs2_DRbackup remote_guid=38CEA52A-0CD7-4010-B1EB-A4E2C549D467 type=persistent proto=httpsa cvfwd=CS2.url.address.pl:8408
AIX_client FREL2 remote_guid=B68DDAAC-022E-4E9C-A830-B7A8BBB95431 type=passive
AIX_client MediaAgent1 remote_guid=EE9312FD-A143-465C-9FDE-5A71C2004C86 type=passive
AIX_client MediaAgent2 remote_guid=9AA9AC1B-2171-48E9-B639-099BF4BB9955 type=passive
AIX_client cs1 proxy=cs1_DRbackup remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94
AIX_client cs1 proxy=cs2_DRbackup remote_guid=4EEEBA0C-6B7E-4A81-AFF3-18E6B9069F94
Â
=================================
Regards,
Michał
@Michal Osewski : Sorry for delayed response, So my question would be here is, are we seeing the air gap MAs listed in the FwConfig.txt ?
Hello,
Yes, there are a lot of connections from AIX server to e.g. Media Agent (client3) which is used as a air gap in this configuration. It doesn’t perform any backups, it is only used as a network-isolated target for AuxCopy replication (all incoming connections to client3 are blocked, only outgoing connections are allowed). For some reason you see these entries and connection attempts.
Â
Regard,
Michał