Setup Firewall Using Proxy - Laptop Backup


SKIP THIS PAGE IF YOU ARE NOT USING A PROXY Server


When CommCell components are separated by a firewall, the components must be configured with the connection route to reach each other across the firewall. Once configured, the components seamlessly communicate across the firewall for all data management operations such as backup, browse, restore, etc.

The following sections explain the steps involved in operating through a GatewayProxy:

  1. Preconfigure the GatewayProxy
  2. Configure Firewall on Client Group
  3. Configure Firewall on CommServe
  4. Configure Firewall on MediaAgent
  5. Install on GatewayProxy
  6. Verify the GatewayProxy

Preconfigure the GatewayProxy

Follow the steps below to create and configure a placeholder for the GatewayProxy on your CommServe computer before installing it.

1. From the CommCell Console, right-click Client Computers, and click New Client.
2. Select Windows or Unix, as applicable, from the drop-down list.

Click OK.

3. Provide the Client Name and the Host Name you will use during your GatewayProxy installation.

Click OK.

4. From the CommCell Console, right-click the client you just created, and click Properties.
5. Click the Firewall Configuration tab.

Select the Configure Firewall Settings box.

6. Click the Incoming Ports tab.

Select Listen for tunnel connections on port and enter the port number on which the GatewayProxy will listen for connections from the CommServe.

7. Click the Options tab.

Clear Lock down CommCell.

Select This computer is in DMZ and will work as proxy.

Click OK.

Configure Firewall On Client Group

8. From the CommCell Browser, navigate to Client Computer Groups, right-click the Laptop Backup group, and click Properties.
9.
  • Click the Firewall Configuration tab.
  • Select the Configure Firewall Settings box.
  • Click the Add button.
10.
  • Select the GatewayProxy computer from the From drop-down list.
  • Select Blocked from the State drop-down list.
  • Click OK.
11. Select the Outgoing Routes tab.

Click Add.

12.
  • Select the CommServe from the Remote Group/Client drop-down list.
  • Select Via Proxy.
  • Select the GatewayProxy computer from the Remote Proxy drop-down list.
  • Click OK.
  If MediaAgents are installed on a separate computer, repeat the steps described above and select the MediaAgent group in the Remote Group/Client list.
13. Click OK.
14.
  • From the CommCell Browser, navigate to Client Computer Groups.
  • Right-click the Laptop Backup group, point to All Tasks, and then click Push Firewall Configuration.
15. Click Continue.
16. The specified configuration is saved.

The firewall configuration was pushed successfully.

17. Newly added clients are automatically registered in the client group and therefore inherit the firewall settings established in the client group.

Configure Firewall on CommServe

18. From the CommCell Console, right-click the CommServe computer and click Properties.
19.
  • Click the Firewall Configuration tab.
  • Select Firewall Configuration Settings box.
  • Click Add.
20.
  • Select the GatewayProxy computer from the From drop-down list.
  • Select Blocked from the State drop-down list.
  • Click OK.
21.
  • Click the Outgoing Routes tab.
  • Click Add.
22.
  • Select the GatewayProxy computer in Remote Group/Client.
  • Click OK.
23. Click Add.
24.
  • Select the Laptop Backup client group from the Remote Group/Client drop-down list.
  • Select Via Proxy.
  • Select the GatewayProxy computer from the Remote Proxy drop-down list.
  • Click OK.
25. Click OK.
26. From the CommCell Console right-click the CommServe computer, click All Tasks, and click Push Firewall Configuration.
27. Click Continue.
28. Click OK.

Configure Firewall on MediaAgent

Skip this section if the MediaAgent is the same as the CommServe.

29. From the CommCell Console, navigate to Storage-Resource | MediaAgents, right-click <media_agent>, and click Properties.
30.
  • Click the Firewall Configuration tab.
  • Select the Configure Firewall Settings box.
  • From the Incoming Connections tab, click Add.
31.
  • In the From field, select the GatewayProxy computer.
  • In the State field, select Blocked.
  • Click OK.
32. Click the Outgoing Routes tab.

Click Add.

33.
  • Specify the route from the MediaAgent Group to the GatewayProxy in the Remote Group/Client drop-down list.
  • Click OK.
34. Click Add.
35.
  • Select the client computer in Remote Group/Client.
  • Select Via Proxy.
  • Select the GatewayProxy in Remote Proxy.
  • Click OK.
36. Click OK.

The Outgoing Routes tab must display two routes: the route from MediaAgent to the proxy and the route from MediaAgent to the client through the proxy.

The MediaAgent is configured to receive communication from the client through the GatewayProxy.

37. From the CommCell Console, right-click the MediaAgent computer and click All Tasks | Push Firewall Configuration.
38. Click Continue.


39. Click OK.

You are now ready to install the GatewayProxy.

Install on GatewayProxy

Install the CommCell client software on the GatewayProxy computer using one of the following methods:

Install GatewayProxy for Windows Client

1. Run Setup.exe from the Software Installation Disc on the GatewayProxy computer.
2. Select the required language.

Click Next.

3. Select the option to install software on this computer.

NOTES

  • The options that appear on this screen depend on the computer on which the software is being installed.
4. Click Next.
5. Click OK.
6. Select I accept the terms in the license agreement.

Click Next.

7. Expand Client Modules | Backup & Recovery | File System and select Windows File System iDataAgent.

Click Next.

8. Select the Configure Firewall Services box.

Select CommServe can open connection toward this machine and click Next.

9. Enter the name of the computer in CommServe client name field.

Click Next.

10. Click Next.
11. Specify a local port number through which the Client/MediaAgent will receive communication from the CommServe.

Click Next.

12. Specify the port numbers to be used by the Bull Calypso Communications Service (CVD) and Bull Calypso Client Event Manager (EvMgrc) Services.

Click Next.

 
  • The valid range for the port number is between 1024 and 65000.
  • Ensure that the port numbers specified here are within the valid range and are not used by any other services.
13. Click Next.
14. Select Add programs to the Windows Firewall Exclusion List, to add CommCell programs and services to the Windows Firewall Exclusion List.

Click Next.

  This option enables CommCell operations across Windows firewall by adding CommCell programs and services to Windows firewall exclusion list.

It is recommended to select this option even if Windows firewall is disabled. This will allow the CommCell programs and services to function if the Windows firewall is enabled at a later time.

15. Click Next.
16. Verify the default location for software installation.

Click Browse to change the default location.

Click Next.
 
  • Do not install the software to a mapped network drive.
  • Do not use the following characters when specifying the destination path:

     / : * ? " < > | #

    It is recommended that you use alphanumeric characters only.

17. Click Next.
18. Click Next.
19. Click Next.
20. Click Next.
21. Click Next.
22. Click Finish.

Install GatewayProxy for Unix Client

1. Place the Software Installation Disc on the GatewayProxy computer.
2. Run the following command from the Software Installation Disc:

./cvpkgadd

 
3. The product banner and other information are displayed.

Press Enter to continue.

 
4. Read the license agreement. Type y and press Enter to continue.  
5. Press Enter.

Please select a setup task you want to perform from the list below:

Advanced options provide extra setup features such as creating custom package, recording/replaying user selections and installing External Data Connector software.

1) Install data protection agents on this computer

2) Advanced options

3) Exit this menu

Your choice: [1]

7. Press Enter.

Certain Calypso packages can be associated with a virtual IP, or in other words, installed on a "virtual machine" belonging to some cluster. At any given time the virtual machine's services and IP address are active on only one of the cluster's servers. The virtual machine can "fail-over" from one server to another, which includes stopping services and deactivating IP address on the first server and activating the IP address/services on the other server.

You now have a choice of performing a regular Calypso install on the physical host or installing Calypso on a virtual machine for operation within a cluster.

Most users should select "Install on a physical machine" here.

1) Install on a physical machine

2) Install on a virtual machine

3) Exit

Your choice: [1]

8. Press Enter.

We found one network interface available on your machine. We will associate it with the physical machine being installed, and it will also be used by the CommServe to connect to the physical machine. Note that you will be able to additionally customize Datapipe Interface Pairs used for the backup data traffic later in the Calypso Java GUI.

Please check the interface name below, and make connections if necessary:

Physical Machine Host Name: [angel.company.com]

9. Press Enter.

Please specify the client name for this machine.

It does not have to be the network host name: you can enter any word here without spaces. The only requirement is that it must be unique on the CommServe.

Physical Machine Client name: [angel]

10. Type the appropriate number to install Unix File System iDataAgent.

A confirmation screen will mark your choice with an "X".

Type d for Done, and press Enter.

Install Calypso on physical machine 172.19.99.62

Please select the Calypso module(s) that you would like to install.

[ ] 1) MediaAgent [1301] [CVGxMA]>

[ ] 2) UNIX File System iDataAgent [1101] [CVGxIDA]

[a=all n=none r=reverse q=quit d=done >=next <=previous ?=help]

Enter number(s)/one of "a,n,r,q,d,>,<,?" here:

11. Press Enter.

Do you want to use the agents for restore only without consuming licenses? [no]

12. Type the appropriate number to install the latest software scripts and press Enter to continue.
 
  • Select Download from the software provider website to download the latest software scripts from your software provider website.

    Make sure you have internet connectivity when you are using this option.

  • Select Use the one in the installation media, to install the software scripts from the disc or share from which the installation is performed.
  • Select Use the copy I already have by entering its unix path, to specify the path if you have the software script in an alternate location.

Installation Scripts Pack provides extra functions and latest support and fix performed during setup time. Please specify how you want to get this pack.

If you choose to download it from the website now, please make sure you have internet connectivity at this time. This process may take some time depending on the internet connectivity.

1) Download from the software provider website.

2) Use the one in the installation media

3) Use the copy I already have by entering its unix path

Your choice: [1] 2

13. Press Enter.

Keep Your Install Up to Date - Latest Service Pack

Latest Service Pack provides extra functions and latest support and fix for the packages you are going to install. You can download the latest service pack from software provider website.

If you decide to download it from the website now, please make sure you have internet connectivity at this time. This process may take some time depending on the internet connectivity.

Do you want to download the latest service pack now? [no]

14. Press Enter to accept the default path and continue, or

Enter a path to modify the default path and press Enter.

  Do not use the following characters when specifying the path:

!@#$%^&*():/?\

Please specify where you want us to install Calypso binaries.

It must be a local directory and there should be at least 176MB of free space available. All files will be installed in a "calypso" subdirectory, so if you enter "/opt", the files will actually be placed into "/opt/calypso".

Installation Directory: [/opt]

15. Press Enter to accept the default location for the log files and continue, or

Enter a path to modify the default location and press Enter.

Please specify where you want to keep Calypso log files.

It must be a local directory and there should be at least 100MB of free space available. All log files will be created in a "calypso/Log_Files" subdirectory, so if you enter "/var/log", the logs will actually be placed into "/var/log/calypso/Log_Files".

Log Directory: [/var/log]

16. Press Enter.

Most of Software processes run with root privileges, but some are launched by databases and inherit database access rights. To make sure that registry and log files can be written to by both kinds of processes we can either make such files world-writeable or we can grant write access only to processes belonging to a particular group, e.g. a "calypso" or a "dba" group.

We highly recommend now that you create a new user group and enter its name in the next setup screen. If you choose not to assign a dedicated group to Software processes, you will need to specify the access permissions later.

If you're planning to backup Oracle DB you should use "dba" group.

Would you like to assign a specific group to Software? [yes]

17. Type the Group name and press Enter.

Press Enter again.

Please enter the name of the group which will be assigned to all Software files and on behalf of which all Software processes will run.

In most of the cases it's a good idea to create a dedicated "calypso" group. However, if you're planning to use Oracle iDataAgent or SAP Agent, you should enter Oracle's "dba" group here.

Group name: sky1

REMINDER

If you are planning to install Calypso Informix, DB2, PostgreSQL, Sybase or Lotus Notes iDataAgent, please make sure to include Informix, DB2, etc. users into group "sky1".

Press <ENTER> to continue ...
18. Type a network TCP port number for the Communications Service (CVD) and press Enter.

Type a network TCP port number for the Client Event Manager Service (EvMgrC) and press Enter.

Every instance of Calypso should use a unique set of network ports to avoid interfering with other instances running on the same machine.

The port numbers selected must be from the reserved port number range and have not been registered by another application on this machine.

Please enter the port numbers.

Port Number for CVD : [8600]

Port Number for EvMgrC: [8602]

19. If this computer and the CommServe are separated by a firewall, type Yes and then press Enter.

Is there a firewall between this client and the CommServe? [no] Yes

20. Type 2 to select the CommServe can open connection toward us option and press Enter.

Please specify now how your firewall is limiting network traffic. Whether it's possible to open connection from here to a CommServe's tunnel port, whether all connections toward CommServe are blocked, and we should instead expect CommServe to connect back to us, or whether there is a proxy in between.

1) This machine can open connection to CommServe on a tunnel port

2) CommServe can open connections toward us

3) CommServe is reachable only through a proxy

Your choice: [1]

21. Enter the client name of the CommServe computer in place of CommServe Client Name.

Press Enter.

Please specify client name of the CommServe below.

CommServe Client Name: mycompany

22. Specify a local port number through which the Client/MediaAgent will receive communication from the CommServe.

Press Enter.

Since we cannot contact CommServe directly, we will need to configure a reverse tunnel connection from the CommServe to us. Please enter a local port number to listen on below, then go to CommServe and create a persistent tunnel toward this client in the [outgoing] section of  FwConfigLocal.txt. When finished, return to this configuration screen, and hit Enter to continue.

Local HTTP/HTTPS tunnel port number: 8550

23. Press Enter.

If you have checked "Lockdown CommCell" in firewall properties of the CommServe or Proxy, you need to provide path to the directory with CommCell HTTPS certificate below.

This certificate can be obtained by right-clicking CommServe name in the Java GUI, and selecting All Tasks -> Export Firewall Certificate popup menu item.

Have you enabled "Lockdown CommCell"? [no]

24. Press Enter.

Commcell Level Global Filters are set through Calypso GUI's Control Panel in order to filter out certain directories or files from backup Commcell-widely. If you turn on the Global filters, they will be effective to the default subclient. There are three options you can choose to set the filters.

1) Use Cell level policy

2) Always use Global filters

3) Do not use Global filters

Please select how to set the Global Filters for the default subclient? [1]

25. Type the number of a Client Group and press Enter.

A confirmation screen will mark your choice with an "X". Type d for done with the selection, and press Enter to continue.

This screen will be displayed only if Client Groups are configured for the CommCell.

Client Group(s) is currently configured on CommServe cs.company.com. Please choose the group(s) that you want to add this client client.company.com to. The selected group(s) will be marked (X) and can be deselected if you enter the same number again. After you are finished with the selection, select "Done with the Selection".

[ ] 1) Unix

[ ] 2) DR

[a=all n=none r=reverse q=quit d=done >=next <=previous ?=help]

Enter number(s)/one of "a,n,r,q,d,>,<,?" here: 2

26. Enter the number corresponding to the storage policy through which you want to back up the Unix File System iDataAgent and press Enter.

Please select one storage policy for this IDA from the list below:

1) SP_StandAloneLibrary2_2

2) SP_Library3_3

3) SP_MagLibrary4_4

Storage Policy: [1]

27. Type 3 to select the Exit option and press Enter.

The installation is now complete.

Certain Calypso packages can be associated with a virtual IP, or in other words, installed on a "virtual machine" belonging to some cluster. At any given time the virtual machine's services and IP address are active on only one of the cluster's servers. The virtual machine can "fail-over" from one server to another, which includes stopping services and deactivating IP address on the first server and activating the IP address/services on the other server.

Currently you have Calypso installed on physical node stone.company.com.

Now you have a choice of either adding another package to the existing installation or configure Calypso on a virtual machine for use in a cluster.

1) Add another package to stone.company.com
2) Install Calypso on a virtual machine
3) Exit

Your choice: [1]
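
Both installers ask for a CVD port, an EvMgrC port and a local tunnel port, and require them to be in the valid range, distinct, and not used by any other service. The following preflight check is an added example, not part of the product or its documentation; the function names are illustrative, the 1024-65000 range is taken from the Windows notes above, and the port values are the defaults and sample value shown in the installer dialogs. Run it on the GatewayProxy computer before starting the installation.

```python
"""Preflight check for the ports entered during GatewayProxy installation.

Added example; names and structure are illustrative, not vendor code.
"""
import socket

# Valid range stated in the Windows installation notes on this page.
VALID_MIN, VALID_MAX = 1024, 65000


def port_is_free(port, host="0.0.0.0"):
    """Return True if a TCP socket can be bound to host:port right now."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        try:
            s.bind((host, port))
        except OSError:  # address in use, permission denied, ...
            return False
    return True


def preflight(ports, is_free=port_is_free):
    """Check a {service: port} mapping; return a list of problem strings."""
    problems = []
    assigned = {}  # port -> first service that claimed it
    for service, port in ports.items():
        if not VALID_MIN <= port <= VALID_MAX:
            problems.append(f"{service}: {port} is outside {VALID_MIN}-{VALID_MAX}")
        elif port in assigned:
            problems.append(f"{service}: {port} is also assigned to {assigned[port]}")
        else:
            assigned[port] = service
            if not is_free(port):
                problems.append(f"{service}: {port} is already in use on this host")
    return problems


if __name__ == "__main__":
    # Defaults and sample value shown in the installer dialogs above.
    planned = {"CVD": 8600, "EvMgrC": 8602, "tunnel": 8550}
    issues = preflight(planned)
    for line in issues:
        print("PROBLEM", line)
    print("ok" if not issues else f"{len(issues)} problem(s) found")
```

After installation the same ports are expected to show as in use, because the CommCell services are then listening on them.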

Verify the GatewayProxy

1. On the proxy computer's Firewall Configuration | Options tab, ensure that the This computer is in DMZ and will work as a proxy option is selected.
2. Right-click the GatewayProxy computer and click All Tasks | Push Firewall Configuration.