Appendix E. Configuring HTTP Proxy for Backup Appliances

To manage the outbound traffic of your backup appliance, you can configure an HTTP proxy. Using an HTTP proxy provides access to the required services and resources, enhancing the security, efficiency, and privacy of your backup environment.

Note

The provided instruction does not apply to worker instances that are deployed to perform backup and restore operations, as well as to the Veeam Updater service. To learn how to configure an HTTP proxy for the Veeam Updater service, see Configuring Web Proxy.

To configure connection to the internet through an HTTP proxy, do the following:

  1. Connect to the EC2 instance where Veeam Backup for AWS is installed. To do that, run the following ssh command in a terminal window:

ssh -i /path/EC2_instance.pem key ubuntu@<Public DNS hostname or IPv4 address of the EC2 instance>

  1. To open the configuration file used to set global environment variables, run the following command in a terminal window:

sudo nano /etc/environment

  1. In the configuration file, do the following:
  1. To configure a proxy server, set the http_proxy="http://host:port" variable.
  2. [Applies only if the proxy server requires authentication] To authenticate against the proxy server, set the http_proxy="http://username:password@host:port" variable.
  3. To specify the IP addresses that are not required to use the proxy to connect to your backup appliance, set the NO_PROXY="<addresses>" variable, where <addresses> is a comma-separated list of necessary IP addresses or DNS names.

The list must include the following addresses: 169.254.169.254 — the IP address of the Instance Metadata Service (IMDS), localhost and 127.0.0.1 — the DNS name and the IP address of your local machine.

  1. Save the changes and close the configuration file.
  1. To apply the changes without rebooting EC2 instance, run the following command:

sudo service veeamawsbackup restart

Note

After you configure the HTTP proxy, the next run of the backup policies may take more time to complete due to network latency.

Page updated 3/31/2025

Page content applies to build 9.0.0.304