Yeah with the VSA appliance you need to toggle on the connection option so VONE can connect to install the required components. Once that is done the connection will timeout and everything works. We had no issues with the first VONE upgrade and it updating the VBR servers with the new Analytics service. To me it runs way better now and even moreso with Patch 1.
Our VBRs are running on v12.2 and 12.3.x. So no appliances. After upgrade of VONE to v13 we got issue as we are using microsegmentation and only connection from VONE to VBR was allowed. Now is discussion with security, that we need opposite connection ...
Our VBRs are running on v12.2 and 12.3.x. So no appliances. After upgrade of VONE to v13 we got issue as we are using microsegmentation and only connection from VONE to VBR was allowed. Now is discussion with security, that we need opposite connection ...
Ah ok. Yeah we have all 12.3.x VBR servers and everything works but we have rules in place for bidirectional communication using strict rules. Also it helps my Veeam evironment is on a separate domain from my Production for segragation.
Hello,
Yes the ports connection have been simplified, I will try to explain. First of all we need DNS resolution both ways, this can be done with a DNS Server, or just hosts file, VBR needs to resolve VONE, VONE needs to resolve VBR, then:
VBR on Windows v12.x and future v13 on Win too + Veeam Analytics Service (Veeam ONE Agent)
Managed through the Veeam ONE Console
This is using Veeam ONE Configuration > Data Collection tab to push the agent, etc. In this case we require:
- Veeam ONE to VBR Windows:
- TCP 445
- RPC (49152 to 65535)
- VBR Windows to Veeam ONE:
- TCP 2805
- TCP 1239
- TCP 2741
Managed with offline bundle
This is using Veeam ONE Configuration > Data Collection > Veeam Analytics Service > Download package, so you will have an offline bundle (much more comfy to install at your own pace). In this case we require:
- VBR Windows to Veeam ONE:
- TCP 2805
- TCP 1239
- TCP 2741
VBR on Linux (VSA) + Veeam Analytics Service (Veeam ONE Agent)
Managed through the Veeam ONE Console
This is using Veeam ONE Configuration > Data Collection tab to push the agent, etc. In this case we require:
- Veeam ONE to VBR Linux:
- VBR Linux to Veeam ONE:
- TCP 2805
- TCP 1239 (Analytics Node optional if you do not use it - Dashboards/Reports)
- TCP 2741 (Analytics Node optional if you do not use it - Dashboards/Reports)
Managed with offline bundle
This is using Veeam ONE Configuration > Data Collection > Veeam Analytics Service > Download package, so you will have an offline bundle (much more comfy to install at your own pace). In this case we require:
- VBR Linux to Veeam ONE:
- TCP 2805
- TCP 1239 (Analytics Node optional if you do not use it - Dashboards/Reports)
- TCP 2741 (Analytics Node optional if you do not use it - Dashboards/Reports)
Extra - Failback on VBR on Windows v12.x
We have a failback option when upgrading to Veeam ONE v13, in case we cannot push/install the agent to those existing VBRs, we will keep monitoring them as of today, with remote WMI and all the jazz, which means the current massive port range described here:
You should see this only as a failback, in case the agent cannot auto-install.
------
That should be it. We are still double checking all of this and I hope we can update the documentation soon. But the goal with Veeam Analytics Service was to make everything much simpler, and reduce the super long range of ports.
Thanks for posting that Jorge. Great reference for sure on the changes. 👍
Thanks jorge.delacruz for deep dive into communication changes!
