Skip to main content
  • EN

Hi everyone

I'm experiencing an issue with one of our Veeam backup jobs where the process fails consistently with the following error:

Error: Failed to do TLS handshake.
Possible cause: Unknown error
Detailed info: Reconnectable protocol device was closed.

Context:

  • Veeam Backup & Replication is being used for a daily VM backup job.

  • The failure occurs for a single VM.

  • The backup job retries multiple times, but ends with 0 bytes transferred and a final error after approximately 2 minutes.

  • TLS handshake failure seems to prevent the backup from initializing.

  • No successful backup was performed (0 B read, 0 B transferred).

What we’ve tried so far:

  • Verified basic network connectivity.

  • Restarted both the Veeam Backup server and the affected VM.

  • Confirmed that the VM is reachable and responsive.

  • No recent configuration changes were made to the VM or the infrastructure.

Questions:

  1. What could be causing the TLS handshake to fail in this context?

  2. Could this be related to certificate issues or an outdated Veeam transport service?

  3. Are there specific logs I should collect for deeper troubleshooting?

Any help or guidance would be greatly appreciated!

Thanks in advance!

Hi! The "Failed to do TLS handshake" error is usually related to secure communication issues between Veeam and the proxy or host. A few things to check:

  • Corrupted or outdated Veeam Transport Service (try Rescan and reinstall transport components).

  • Version mismatch between Veeam components (make sure everything is fully updated).

  • Firewall, antivirus, or IDS/IPS blocking communication (especially TCP ports 2500–5000).

  • Application-Aware Processing issues (try disabling it as a test).

Also, check the task and transport logs for more insight and share with us:C:\ProgramData\Veeam\Backup\<JobName>

Hope this helps!

Also what versions of VBR and VMware or hypervisor are you using.  This also helps with troubleshooting as there could be an update to address this.  Check the log directory posted by Matheus.

please describe if its for one specific backup job, and everything else is working  or do you have only this one backup job there

because if everything, then could be certificate issue ...

I’m doubtful it’s about connectivity to the VM -- we’d likely see SSL or RPC errors if that were the case.

I would strongly advise open a Support Case with Veeam, as a lot of information will be needed to better isolate this.

TLS Handshake failure I am extremely doubtful is about any of the following:

  • Corrupted Veeam components
  • Veeam component version mismatches (we would see other errors likely first)
  • IPS/IDS (not impossible, but it’s difficult to check without checking the IPS/IDS logging directly or using Wireshark/TCPDump)
  • Connectivity to the VM
  • VBR/Hypervisor versions

Veeam supports TLS 1.2 for a long time now by default and there’s partial support for TLS 1.3 depending on your guestOS version.

While I can imagine some of the above possibly presenting this way, it wouldn’t be my first guess when a stock TLS handshake error is far more likely. Of the above, IPS/IDS are the strongest but I also don’t like this answer because as noted you have to hope to catch it on the IPS/IDS logging or sniff network traffic and find it.

Start with a support case though, as right now even with the rather nice description, we still don’t know between what two components are we getting the TLS error. My guess is proxy => hypervisor, but we also don’t know the hypervisor so difficult to tell. Support will be able to glean the necessary infrastructure information from the logs and provide better guidance.

Hi ​@Sivaisnavan Sivatharan - did you get an answer to your question and if so can you please share so we can mark an answer as “Best Answer” even if it is yours.

Comment


Terms & Conditions