NAT/Firewall Configuration

This page provides information about the ports used by GigaVaultStorage, and details on what ports need to be opened to enable GigaVaultStorage to work across different networks behind a NAT/Firewall.

TCP Port 32004

GigaVaultStorage Server opens this port. All Client-Server communication including backups, restore etc. (except TCP discovery) is done through this port. If a GigaVaultStorage Server is behind a NAT/Firewall then this port needs to be opened to enable GigaVaultStorage clients to backup to this server. Opening up this port is mandatory for the core functionality of backup and restore to work in GigaVaultStorage. By default the port used by GigaVaultStorage is 32004, if you have modified the 'Backup Server Port' during installation, then you have to open the corresponding port in your NAT/Firewall.

TCP SSL Port 32007

From GigaVaultStorage v2.3, GigaVaultStorage clients can send the backup data to the backup server on secure SSL port 32007. This port is disabled in the backup server and the client by default. SSL port can be enabled by changing the Enabled attribute to 1 in the SSL tag in the SGConfiguration.conf file. When enabled in the backup server, the GigaVaultStorage backup server can accept backup requests on both port 32004 and the SSL port 32007. When enabled in the client, the client will start sending the backup data on the SSL port.

If SSL port is enabled in the backup server and in the client, all Client-Server communication including backups, restore etc. (except TCP discovery) from that client will be done through the SSL port 32007 and therefore if a GigaVaultStorage Server is behind a NAT/Firewall then this port needs to be opened to enable the GigaVaultStorage client to backup to this server.

By default the port used by GigaVaultStorage for SSL is 32007. But it can be modified by changing the 'SSLServer' attribute in the 'Ports' tag in the SGConfiguration.conf file. This port number should be set the same in both the server and the client.

TCP Port 32008(Windows 64-bit OS)

From GigaVaultStorage v2.4 Exchange Mailbox backup and restore is supported for Exchange Server 2007. GigaVaultStorage 64-bit client exe can send the backup request to the 32-bit client exe on port 32008 running in the same machine. If a GigaVaultStorage Client is behind a NAT/Firewall then this port needs to be opened to enable Exchange 2007 Mailbox backup and restore to be performed. Opening up this port is mandatory for the core Exchange 2007 Mailbox functionality of backup and restore to work in GigaVaultStorage. By default the port used by GigaVaultStorage for Exchange 2007 Mailbox backup is 32008. But it can be modified by changing the "e;MAPI32Bit"e; attribute in the "e;Ports"e; tag in the SGConfiguration.conf file located in <SG_Home>/conf folder.

TCP Port 32005

Both GigaVaultStorage Client and Server open this port. This port is used for two purposes:

1. For all communication between the PHP module (invoked by the GigaVaultStorage browser based WebConsole) and the GigaVaultStorage C++ modules. In GigaVaultStorage, all UI requests from the browser are served by PHP pages, which in turn connect to this port to get the required data. By default the port used by GigaVaultStorage is 32005, if you have modified the 'UI Communication Port' during installation, then you have to open the corresponding port in your NAT/Firewall.

2. GigaVaultStorage peers also use this port to do a more complete discovery of each other sharing details about other peers etc. This TCP discovery is always enabled in GigaVaultStorage.

This port need not be configured in the NAT/Firewall. If so, the only feature that would not work is: Switching to a GigaVaultStorage peer behind the NAT/Firewall through the WebConsole of another GigaVaultStorage peer outside the NAT/Firewall.

TCP Port 6060, 6061

These ports are used by the GigaVaultStorage Web Server (Apache) to serve requests from GigaVaultStorage WebConsole (User Interface). These ports are configurable. When you first install GigaVaultStorage you would have been given an option to change these ports. The NAT/Firewall should also 'allow' these ports if you need the ability to connect/administer a GigaVaultStorage peer behind the NAT/Firewall.

Multicast Ports (UDP) 6363, 6364

These two multicast ports are used by GigaVaultStorage Clients and Servers for discovering peers within a subnet. In most networks, multicasting will work only within a subnet. There is no need to open these ports in firewall or NAT devices as multicast packets may not be sent across networks, anyway. Multicast discovery is enabled by default in GigaVaultStorage.

UDP Port 32006

This UDP port is used in discovery of GigaVaultStorage peers in a network. GigaVaultStorage does a UDP scanning on port 32006 of all possible IP Addresses in a network to detect the presence of other GigaVaultStorage peers. There is no need to open this port in the NAT/firewall as GigaVaultStorage does the UDP scanning only within its subnet. By default, UDP network scanning is disabled in GigaVaultStorage.