Ports
Veeam Backup for Nutanix AHV automatically creates firewall rules for the ports required to allow communication between the Nutanix AHV backup appliance, workers and the backup server.
Important |
Some Linux distributions require manual configuration of firewall rules. For more information, see this Veeam KB article. |
Backup Appliance
The following table describes network ports that must be opened to ensure proper communication of the Nutanix AHV backup appliance with other backup infrastructure components.
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Workstation web browser | Nutanix AHV backup appliance | TCP/HTTPS | 443 | Used to access the Nutanix AHV backup appliance web console. |
Nutanix AHV backup appliance | Nutanix REST API | TCP/HTTPS | 9440 | Used to communicate with Nutanix AHV REST API. |
Backup server | TCP | 10006 | Used to connect to Veeam Backup & Replication. | |
Workers | TCP | 19000 | Used to communicate with workers. | |
Nutanix AHV server | TCP/iSCSI | 3205, 3260 | Used to access disks attached to Nutanix AHV VMs. | |
Veeam backup repository (or gateway server) | TCP | 2500-3300 | Default range of ports used as transmission channels for jobs and restore sessions. For every TCP connection that a job uses, one port from this range is assigned. | |
Mail server | SMTP | 25 | Used to send email notifications. The port number can be changed. | |
Rocky Linux repositories (mirrors.rockylinux.org, mirrors.fedoraproject.org, rockylinux.map.fastly.net) | TCP/HTTP(S) | 80 (443) | Used to get OS security updates, .NET Core updates and PostgreSQL update packages. The listed mirror URLs are used to get actual URLs that will be used to obtain updates. | |
Veeam Update Repository Amazon CloudFront | TCP/HTTPS | 443 | Used to download Nutanix AHV backup appliance update packages. Note: Veeam Update Repository uses the Amazon CloudFront service to distribute traffic when downloading product updates. | |
Nginx repository (nginx.org/packages/, nginx.org/packages/keys/) | TCP/HTTPS | 443 | Used to download Nginx packages required for Nutanix AHV backup appliance web console updates. |
Workers
The following table describes network ports that must be opened to ensure proper communication of workers with other backup infrastructure components.
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Worker | Nutanix REST API | TCP/HTTPS | 9440 | Used to communicate with Nutanix AHV REST API. |
Backup server | TCP | 10006 | Used to connect to Veeam Backup & Replication. | |
Backup appliance | TCP | 19001 | Used to communicate with the backup appliance. | |
Nutanix AHV server | TCP/iSCSI | 3205, 3260 | Used to access disks attached to Nutanix AHV VMs. | |
Veeam backup repository (or gateway server) | TCP | 2500-3300 | Default range of ports used as transmission channels for jobs and restore sessions. For every TCP connection that a job uses, one port from this range is assigned. | |
Rocky Linux repositories (mirrors.rockylinux.org, mirrors.fedoraproject.org, rockylinux.map.fastly.net) | TCP/HTTP(S) | 80 (443) | Used to get OS security updates, .NET Core updates and PostgreSQL update packages. Note: The listed mirror URLs are used to get actual URLs that will be used to obtain updates. | |
Veeam Update Repository Amazon CloudFront | TCP/HTTPS | 443 | Used to download Nutanix AHV backup appliance update packages. Note: Veeam Update Repository uses the Amazon CloudFront service to distribute traffic when downloading product updates. | |
Nginx repository (nginx.org/packages/, nginx.org/packages/keys/) | TCP/HTTPS | 443 | Used to download Nginx update packages. |
The following table describes network ports that must be opened to ensure proper communication of the backup server with other backup infrastructure components.
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Veeam Backup & Replication console and Veeam ONE server | Backup server | TCP/HTTPS | 8543 | Used to communicate with the Platform Service REST API. |
FLR helper appliance | Backup server | TCP | 2500 | Used to connect to the backup server during file-level restore. |
Mount Service | Backup server | TCP | 9401 | Used to connect to the backup server during file-level restore. |
Backup server | FLR helper appliance | TCP | 22 2500 | Used to connect to the helper appliance during file-level restore. For the full list of ports used for connections to the FLR helper appliance, see the Veeam Backup & Replication User Guide, section Used Ports. |
Backup server | TCP/HTTPS | 6172 | Used by the AHV Platform Service to enable communication with the Veeam Backup & Replication database. | |
Nutanix AHV cluster | TCP/HTTPS | 9440 | Used by the AHV Platform Service to connect to an Nutanix AHV cluster. | |
Nutanix AHV backup appliance | TCP/HTTPS | 443 | Used by the AHV Platform Service to connect to Nutanix AHV backup appliance. |
Note |
For the list of ports used by the backup server to communicate with backup repositories, see the Veeam Backup & Replication User Guide, section Used Ports. |
The vPower NFS Service is a Microsoft Windows service that runs on a Microsoft Windows machine and enables this machine to act as an NFS server. The vPower NFS Service is required to perform such operations as file-level restore and Instant Recovery.
Note |
For the full list of ports required for Performing File-Level Restore, see the Veeam Backup & Replication User Guide, section Used Ports. |
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Nutanix AHV cluster | Microsoft Windows server with the mount server role running vPower NFS Service | TCP UDP | 111 | Used by the Port Mapper service. |
TCP UDP | 1058+ or 1063+ | Used as default mount port. The number of port depends on where the vPower NFS Service is located:
If port 1058/1063 is occupied, the succeeding port numbers will be used. | ||
TCP UDP | 2049+ | Used as NFS port. If port 2049 is occupied, the succeeding port numbers will be used. |