Using firewalls, Full-server failover ports, Microsoft windows ports – HP Storage Mirroring V5.1 Software User Manual
Page 27: Hardware ports
10 - 1
Using Firewalls
If your source and target are on opposite sides of a NAT or firewall,
you will need to configure your hardware to accommodate
Full-Server Failover communications. You must have the hardware
already in place and know how to configure the hardware ports. If
you do not, see the reference manual for your hardware.
In a NAT or firewall environment, you must have a static mapping where a single, internal IP address
is always mapped in a one-to-one correlation to a single, external IP address. Full-Server Failover
cannot handle dynamic mappings where a single, internal IP address can be mapped to any one of a
group of external IP addresses managed by the router.
Full-Server Failover ports
Full-Server Failover relies on Storage Mirroring for port configuration. By default, Storage Mirroring
uses port 6320 for all communications. To verify or modify the ports, you must use the Storage
Mirroring Management Console.
1.
Select Start, Programs, Storage Mirroring, Management Console.
2.
Locate your servers in the server tree in the left pane of the Management Console.
3.
Right-click the server in the left pane of the Management Console and select Properties.
4.
On the Network tab, verify or modify the Communications Port as needed. All Full-Server
Failover servers and clients must be using the same port.
Full-Server Failover uses ICMP pings to monitor the source for failover. A failover monitor will not be
created if ICMP is blocked (although the data and system state will still be protected). You should
configure your hardware to allow ICMP pings between the source and target. If you cannot, you will
have to monitor for a failure manually and create a dummy monitor at failover time that can be
manually failed over. Contact technical support for assistance with this manual process.
Microsoft Windows ports
Full-Server Failover uses WMI (Windows Management Instrumentation) which uses RPC (Remote
Procedure Call). By default, RPC will use ports at random above 1024, and these ports must be open
on your firewall. RPC ports can be configured to a specific range by specific registry changes and a
reboot. See the Microsoft Knowledge Base article 154596 for instructions.
Full-Server Failover relies on other Microsoft Windows ports.
Microsoft File Share uses ports 135 through 139 for TCP and UDP communications.
Microsoft Directory uses port 445 for TCP and UDP communications.
These ports must be open on your firewall. Check your Microsoft documentation if you need to modify
these ports.
Hardware ports
You need to configure your hardware so that the Full-Server Failover and Microsoft Windows ports
are open. Since communication occurs bidirectionally, make sure you configure both incoming and
outgoing traffic.
There are many types of hardware on the market, and each can be configured differently. See your
hardware reference manual for instructions on setting up your particular router.
NOTE:
If your server is not listed, select Insert, Server. Type the machine name or IP
address and click OK.