Firewall support

Firewalls must be configured to allow the following ports through to support Continuous Protection Server. CPS automatically creates a firewall exception list.

If any of the default port settings are changed on one computer, they must be changed on all computers in the Continuous Protection Server Backup Group.

Warning:

Incorrectly editing registry keys may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer.

Table: Default port settings for Continuous Protection Server lists the default port settings for Continuous Protection Server.

Table: Default port settings for Continuous Protection Server

Service Name

Default Port Number

Port Type

Editable Registry Key

Network Helper Service (ENL)

1804

UDP

HKLM\Software\Symantec\ENL\Network.TCPIP

CPA Data

20481

TCP

HKLM\Software\Symantec\Backup Exec CPS\Parameters\Communications\FFXport

CPA RPC

20483

TCP

HKLM\Software\Symantec\Backup Exec CPS\Parameters\RPC Interface\RxRsaStaticPort

CMS RPC

20485

TCP

HKLM\Software\Symantec\Backup Exec CPS\Parameters\RPC Interface\RxRmsStaticPort

Additionally, the Continuous Protection Server Services Manager, push-install, and Settings Utility utilize Windows file sharing (NetBIOS or SMB) ports. In order for these services to function, you must configure the ports.

Table: Ports that should not be opened to the Internet lists the ports that you should not open to the Internet.

Table: Ports that should not be opened to the Internet

Service Name

Default Port Number

Port Type

Editable Registry Key

Windows

(NetBIOS over TCP/IP)

445

TCP

No

Windows

(NetBIOS

137

138

139

UDP

UDP

TCP

No

Continuous Protection Server also uses the following ports on the local server:

  • 2638

  • 9000-9003

  • 10000

  • 13730

  • 14300

  • 20487

Because these ports are only used on the local server, it is not necessary (or recommended) that they be opened through your firewall.

Firewall support