darrylh Posted March 1, 2004 Report Share Posted March 1, 2004 Hello All, I am trying to setup the client, but I am getting retrospect traffic from a number of ports. So far none of the source ports are 497, but they all are destined for port 497. I need to have retrospect only send from 1 port to configure the firewall. PS Am also open to other reasonable solutions Thanks Link to comment Share on other sites More sharing options...
natew Posted March 1, 2004 Report Share Posted March 1, 2004 Hi What ports are you seeing traffic on? Some firewalls report connections to local services as network connections. Retrospect only needs TCP and UDP on port 497 for communication on the network. If you firewall off everything but port 497 the client should still work. Nate Link to comment Share on other sites More sharing options...
darrylh Posted March 1, 2004 Author Report Share Posted March 1, 2004 Hi, I'm seeing traffic on ports 1737 & 1633 with the client machine's port 497 as the destination. On the system running Retrospect Pro I see traffic from 497 to 1745, 1742 and 1738 Network consists of 2 Win XP Pro systems Dlink wireless Router Dlink 10/100 switch Retrospect Pro Ver 6.0 w/ latest update Thanks Link to comment Share on other sites More sharing options...
natew Posted March 2, 2004 Report Share Posted March 2, 2004 Hmmmmm, If you block those extra ports on the server machine can you still connect to the client? Thanks Nate Link to comment Share on other sites More sharing options...
darrylh Posted March 2, 2004 Author Report Share Posted March 2, 2004 I'll check it out and let you know. I thought about this, both systems are running personal firewalls.. I was finally able to see the client after I turned the firewalls off Link to comment Share on other sites More sharing options...
abe Posted March 3, 2004 Report Share Posted March 3, 2004 It is worth noting that the Retrospect firewall configuration utility bundled with Client does not set the WinXP firewall correctly. After running the retfwset utility, edit the XP firewall rules: change the Retrospect client entries "255.255.255.255" to "127.0.0.1". (sorry I can't be more specific; I don't have an XP client system here to check on right now). Anyhow, the clients need only port 497 opened for TCP and UDP, as Nate said earlier. And the same goes for the Retrospect system: I've got ZoneAlarm Pro on one such backup server, and it works flawlessly with just TCP port 497 open going out. Specifically, in ZAP 4, I've called the expert rule Retrospect, source My Computer, destination a specific subnet. In the Protocol box I created an entry called "Retrospect communications" with protocol set to TCP, destination port Other/497, source port Other/Any. Why it works without UDP 497 open on the server as well, I dunno. Abe Link to comment Share on other sites More sharing options...
AmyJ Posted March 3, 2004 Report Share Posted March 3, 2004 Quote: Why it works without UDP 497 open on the server as well, I dunno. Port 497 for UDP does not need to be open if you are adding clients by Direct IP Address. Retrospect's name service, used for finding nodes, uses multicast (UDP). The actual transfer of data and the addition of clients by IP address or DNS name is done by unicast. Link to comment Share on other sites More sharing options...
darrylh Posted March 4, 2004 Author Report Share Posted March 4, 2004 Thanks for all the input, I'll give it try. BTW the FW I'm using is Trend PC-Cillin.. Shouldn't make a difference though Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.