Appendix E. Configuring HTTP Proxy for Backup Appliances
To manage the outbound traffic from your backup appliance, you can route connections through an HTTP proxy. Using an HTTP proxy helps control access to the required services and resources, enhancing the security, efficiency, and privacy of your backup environment.
Note |
The provided instruction does not apply to worker instances that are deployed to perform backup and restore operations, as well as to the Veeam Updater service. To learn how to configure an HTTP proxy for the Veeam Updater service, see Configuring HTTP Proxy for Veeam Updater. |
To configure connection to the internet through an HTTP proxy, do the following:
- To connect to the EC2 instance where Veeam Backup for AWS is installed, run the following ssh command in a terminal window:
- To open the configuration file used to set global environment variables, run the following command:
- In the configuration file, do the following:
- Add a connection through an HTTP proxy server by setting the http_proxy="http://host:port" variable.
- [Applies only if the HTTP proxy server requires authentication] Authenticate against the proxy server by setting the http_proxy="http://username:password@host:port" variable.
- Specify the IP addresses that must bypass the proxy by setting the NO_PROXY="<addresses>" variable, where <addresses> is a comma-separated list of necessary IP addresses or DNS names.
The list must include the following addresses: 169.254.169.254 — the IP address of the Instance Metadata Service (IMDS), localhost and 127.0.0.1 — the DNS name and the IP address of your local machine.
- Save the changes and close the configuration file.
- To apply the changes without rebooting EC2 instance, run the following command:
sudo systemctl restart veeamawsbackupweb veeamawsbackuprestfulapi veeamawsbackup veeamawsbackuprestselfbackup |
Note |
After you configure the HTTP proxy, backup policies execution may take more time to complete due to network latency. |