Skip to main content
Solved

Opening ports on Jump Server to use the netx.jar

  • September 13, 2022
  • 9 replies
  • 515 views

Forum|alt.badge.img+1

Hello everyone,

I need to configure two additional jump servers to open the netx.jar file and access the console.
The Commvault infrastructure in place has separate servers for Commserve, Webserver and MediaAgents.

Using the 'Port Requirements for Commvault' documentation page, I already opened the following ports :
- Jump > WebServer. TCP 80-81-443
- Jump > CommServe. TCP 8401

But it seems it's not enough to have this properly working.
SSO is not properly recognized, and none of them is going to the point of opening the console.
I'm probably still missing a few ports. Could you please help me pinpoint which ones are still missing ?

Best answer by KeyboardUser

Hello,

I finally found what’s been preventing the console to open on those jump servers.

I have been focusing on opening network access between those servers and it seems I got that part right after all.

Those jump servers are very remote and not using standard vlans on this infrastructure for various reasons.

This means that the standard inputs is using a vlan those jumps can’t access.The login fields have to be adjusted consequently. This is why I had to modify manually the CommServe name to an FQDN specific name using the right network path.

And without common CommCell name in the fields, no SSO retrieved.

I hope the way I’m explaining this makes sense for you.

Thank you for your help on this.

 

View original
Did this answer your question?

9 replies

Forum|alt.badge.img+3
  • Vaulter
  • 20 replies
  • September 13, 2022

Good Morning,

It seems the proper ports are open, does your java console launch  and the failure is using SSO?

can you log in with a local account?


Forum|alt.badge.img+1
  • Author
  • Bit
  • 4 replies
  • September 13, 2022

Hi Urosa,
 

What seems to be working :

-The full name of the CommServe is properly found when entering the short name at first

-The jar files are locally copied in my profile on  the jump server as usual (I’m using a usual Java from Oracle).

 

But :

-I’m being prompted for the credentials as a blank window / My windows credentials are not found for SSO.

-When manually filling the fields wether with my AD credentials or a local Commvault account, this ends up with an error : ‘Unable to connect to CommCell <MyCSFullName>’.


Forum|alt.badge.img+3
  • Vaulter
  • 20 replies
  • September 13, 2022

Good Morning,

Could you try going to https://CommCell/Console which should trigger the java and have the CommCell FullName filled. 

 

If that works, it might required some more details on the local console install.


Forum|alt.badge.img+1
  • Author
  • Bit
  • 4 replies
  • September 14, 2022

Hi again @Urosa ,

Thanks for your feedback.

Accessing https://CommCell/Console is working alright.

The CommCell full name is properly found when prompting the credential window.
I may have been unclear, but the blank fields are only concerning the credientials which should have been found with SSO activated (account name via AD and password).

 

In short, two thing don’t look right for now. The SSO,ko is one of them, but I’m more concerned about the fact that the console can’t be opened at all.
Of course, those two can be linked as there is obviously something not working properly for now.

 


Forum|alt.badge.img+3
  • Vaulter
  • 20 replies
  • September 14, 2022

Hi @KeyboardUser ,

Could you please open a TR with support as this may required further investigation for the SSO.

Regards,

 


Mike Struening
Vaulter
Forum|alt.badge.img+23

Agreed.  Once created, please share the case number here.


Forum|alt.badge.img+1
  • Author
  • Bit
  • 4 replies
  • September 15, 2022

Hi everyone,
Thanks for your answers.
I will share the case number when done.


Forum|alt.badge.img+1
  • Author
  • Bit
  • 4 replies
  • Answer
  • September 16, 2022

Hello,

I finally found what’s been preventing the console to open on those jump servers.

I have been focusing on opening network access between those servers and it seems I got that part right after all.

Those jump servers are very remote and not using standard vlans on this infrastructure for various reasons.

This means that the standard inputs is using a vlan those jumps can’t access.The login fields have to be adjusted consequently. This is why I had to modify manually the CommServe name to an FQDN specific name using the right network path.

And without common CommCell name in the fields, no SSO retrieved.

I hope the way I’m explaining this makes sense for you.

Thank you for your help on this.

 


Mike Struening
Vaulter
Forum|alt.badge.img+23

Appreciate the solid reply, @KeyboardUser !  Hopefully this helps future members 🤓


Reply


Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings