Ports
As AWS Plug-in for Veeam Backup & Replication is installed on the same machine where Veeam Backup & Replication runs, it uses the same ports as those described in the Veeam Backup & Replication User Guide, section Ports. In addition, AWS Plug-in for Veeam Backup & Replication also uses ports listed in the following table.
From | To | Protocol | Port | Notes |
|---|---|---|---|---|
Web browser (local machine) | Backup appliance | TCP/HTTPS | 443 | Required to access the Web UI component from a user workstation. |
SSH | 22 | [Optional] Required to connect to the backup appliance using SSH. | ||
TCP/HTTPS | 11005 | [Optional] Default port required to communicate with the public REST API service running on the backup appliance. For more information on Veeam Backup for AWS REST API, see the Veeam Backup for AWS REST API Reference. To learn how to change the port number, see the Configuring Security Settings section in the Veeam Backup for AWS REST API Reference. | ||
Worker instances | TCP/HTTPS | 443 | Required to access the file-level recovery browser running on a worker instance during the file-level recovery process. | |
Backup appliance | SMTP server | TCP/SMTP | 25 | Default port used for sending email notifications. |
Veeam Update Notification Server (repository.veeam.com) | TCP/HTTPS | 443 | Required to download information on available product updates. | |
Ubuntu Security Update Repository (security.ubuntu.com) | TCP/HTTP | 80 | Required to get OS security updates. | |
DotNetCore Repository (packages.microsoft.com) | TCP/HTTPS | 443 | Required to get DotNet updates. | |
PostgreSQL Apt Repository (apt.postgresql.org) | TCP/HTTP | 80 | Required to get PostgreSQL updates. | |
PostgreSQL Website (postgresql.org) | TCP/HTTPS | 443 | Required to download the file https://www.postgresql.org/media/keys/ACCC4CF8.asc. | |
TCP/HTTPS | 443 | Required to perform data protection and disaster recovery operations. | ||
Worker instances | TCP/HTTPS | 443 | Required to perform data protection and disaster recovery operations. | |
AWS Plug-in for Veeam Backup & Replication | Backup appliance, AWS services | TCP/HTTPS | 443 | Port used for communication with AWS and Veeam Backup for AWS. |
Backup server | TCP | 6172 | Port used by AWS Plug-in for Veeam Backup & Replication to connect to a component that enables communication with the Veeam Backup & Replication database. | |
Veeam Backup & Replication console and Veeam ONE server | AWS Plug-in for Veeam Backup & Replication | TCP | 9402 | Port used to connect to AWS Plug-in for Veeam Backup & Replication. |
Note |
When you deploy a backup appliance from the Veeam Backup & Replication console, Veeam Backup & Replication automatically creates security groups for the required ports to allow communication between the backup server and the appliance components. |
To open network ports, you must add rules to security groups associated with Veeam Backup for AWS components:
- A security group associated with the backup appliance. For more information, see Installing Veeam Backup for AWS Using CloudFormation Template and Installing Veeam Backup for AWS from AMI.
- Security groups associated with worker instances. For more information, see Configuring Worker Instance Settings.
To learn how to add security groups rules, see AWS Documentation.