Using firewalls, Virtual recovery assistant ports, Microsoft windows ports – HP Storage Mirroring V5.1 Software User Manual

9 - 1

Using Firewalls

If your source and target are on opposite sides of a NAT or firewall,

you will need to configure your hardware to accommodate Storage

Mirroring Virtual Recovery Assistant communications. You must

have the hardware already in place and know how to configure the

hardware ports. If you do not, see the reference manual for your hardware.
In a NAT or firewall environment, you must have a static mapping where a single, internal IP address

is always mapped in a one-to-one correlation to a single, external IP address. Virtual Recovery

Assistant cannot handle dynamic mappings where a single, internal IP address can be mapped to any

one of a group of external IP addresses managed by the router.

Virtual Recovery Assistant ports

By default, Storage Mirroring uses port 6320 for all communications.
You will also need to verify that port 6330 is open for Storage Mirroring Virtual Recovery Assistant

communications.
Virtual Recovery Assistant uses ICMP pings to monitor the source for failover. A failover monitor will

not be created if ICMP is blocked (although the data and system state will still be protected). You

should configure your hardware to allow ICMP pings between the source and target. If you cannot,

you will have to monitor for a failure manually and create a dummy monitor at failover time that can

be manually failed over. Contact technical support for assistance with this manual process.

Microsoft Windows ports

Virtual Recovery Assistant uses WMI (Windows Management Instrumentation) which uses RPC

(Remote Procedure Call). By default, RPC will use ports at random above 1024, and these ports must

be open on your firewall. RPC ports can be configured to a specific range by specific registry changes

and a reboot. See the Microsoft Knowledge Base article 154596 for instructions.
Virtual Recovery Assistant also relies on other Microsoft Windows ports.



Microsoft File Share uses ports 135 through 139 for TCP and UDP communications.



Microsoft Directory uses port 445 for TCP and UDP communications.

These ports must be open on your firewall. Check your Microsoft documentation if you need to modify

these ports.

Hardware ports

You need to configure your hardware so that the Virtual Recovery Assistant and Microsoft Windows

ports are open. Since communication occurs bidirectionally, make sure you configure both incoming

and outgoing traffic.
There are many types of hardware on the market, and each can be configured differently. See your

hardware reference manual for instructions on setting up your particular router.