Replication/Backup Solution Prerequisites
To avoid any duplicate IPs in your environment please validate that your data mover jobs are properly configured with test networking settings to run inside an isolated/bubble network on the DR site before starting the job from the EDRM.
Cohesity
The following ports need to be enabled on your firewall to successfully run EnsureDR with the Cohesity:
Source |
Destination |
Port |
Type |
Notes |
EDRM |
EDRC |
139, 445 |
TCP/UDP |
SMB port |
EDRM |
ESXi IP addresses |
443, 902 |
TCP |
All ESXi hosts that you will use in the testing process |
EDRM |
helios.cohesity.com |
443 |
TCP |
Cohesity Helios |
EDRM |
Local mail server |
25 |
TCP |
Default mail port number; if you configured another, enter the firewall port you configured on your mail server |
EDRM |
smtp.sendgrid.net |
587 |
TCP |
SendGrid Email SMTP server integrated solution, setting is not required if you are using local mail SMTP server |
EDRM |
source and target Cohesity cluster |
443 |
TCP |
Data mover port |
EDRM |
source and target VMware vCenter |
443 |
TCP |
VMware vCenter servers |
Commvault
The Commvault PowerShell module must be installed on EDRM server. The following ports need to be enabled on your firewall to successfully run EnsureDR with the Commvault:
Source |
Destination |
Port |
Type |
Notes |
EDRM |
EDRC |
139, 445 |
TCP/UDP |
SMB port |
EDRM |
ESXi IP addresses |
443, 902 |
TCP |
All ESXi hosts that you will use in the testing process |
EDRM |
Local mail server |
25 |
TCP |
Default mail port number, if you configured another, enter the firewall port you configured on your mail server |
EDRM |
smtp.sendgrid.net |
587 |
TCP |
SendGrid Email SMTP server integrated solution, setting is not required if you are using local mail SMTP server |
EDRM |
source and target VMware vCenter |
443 |
TCP |
VMware vCenter servers |
EDRM |
source and target Commvault servers |
81,443 |
TCP |
Commvault web service ports |
NetApp ONTAP
NetApp ONTAP Export Policies must be created and named “EDR” (case sensitive) for SVMs on the DR site before starting the EnsureDR job. In “EDR” Export Policies, add all VMware ESXi hosts that are specified inside the EnsureDR job. If you are using FC or iSCSI volumes, you must set the NetApp ONTAP initiator security named "DR_ESX" (case sensitive) on the primary and target sites to enable the failover/failback process. The following ports need to be enabled on your firewall to successfully run EnsureDR with NetApp ONTAP:
Source |
Destination |
Port |
Type |
Notes |
EDRM |
EDRC |
139, 445 |
TCP/UDP |
SMB port |
EDRM |
ESXi IP addresses |
443, 902 |
TCP |
All ESXi hosts that you will use in the testing process |
EDRM |
Local mail server |
25 |
TCP |
Default mail port number, if you configured another, enter the firewall port you configured on your mail server |
EDRM |
smtp.sendgrid.net |
587 |
TCP |
SendGrid Email SMTP server integrated solution, setting is not required if you are using local mail SMTP server |
EDRM |
source and target NetApp server |
443 |
TCP |
Source and destination NetApp ONTAP |
EDRM |
source and target VMware vCenter |
443 |
TCP |
VMware vCenter servers |
Veeam Backup and Replication
Veeam Backup and Replication console must be installed on EDRM server. The following ports need to be enabled on your firewall to successfully run EnsureDR with Veeam Backup and Replication:
Source |
Destination |
Port |
Type |
Notes |
EDRM |
EDRC |
139, 445 |
TCP/UDP |
SMB port |
EDRM |
ESXi IP addresses |
443, 902 |
TCP |
All ESXi hosts that you will use in the testing process |
EDRM |
Local mail server |
25 |
TCP |
Default mail port number, if you configured another, enter the firewall port you configured on your mail server |
EDRM |
smtp.sendgrid.net |
587 |
TCP |
SendGrid Email SMTP server integrated solution, setting is not required if you are using local mail SMTP server |
EDRM |
source and target VMware vCenter |
443 |
TCP |
VMware vCenter servers |
EDRM |
Veeam Backup & Recovery on target site |
9392, 9419 |
TCP |
Data mover port |
EDRM |
Veeam Enterprise Manager |
9398 |
TCP |
Data mover port |
Veeam SQL
Veeam Backup and Replication console must be installed on the EDRM server. The following ports need to be enabled on your firewall to successfully run EnsureDR with Veeam SQL:
Source |
Destination |
Port |
Type |
Notes |
EDRM |
Local mail server |
25 |
TCP |
Default mail port number, if you configured another, enter the firewall port you configured on your mail server |
EDRM |
smtp.sendgrid.net |
587 |
TCP |
SendGrid Email SMTP server integrated solution, setting is not required if you are using local mail SMTP server |
EDRM |
Veeam Backup & Recovery - SQL destination |
1433 |
TCP |
Default SQL port number, if you configured another, enter the firewall port you configured on the target SQL server |
EDRM |
Veeam Backup & Recovery - SQL repository |
9392 |
TCP |
Data mover port |
VMware Site Recovery Manager
The following ports need to be enabled on your firewall to successfully run EnsureDR with VMware SRM:
Source |
Destination |
Port |
Type |
Notes |
EDRM |
EDRC |
139, 445 |
TCP/UDP |
SMB port |
EDRM |
ESXi IP addresses |
443, 902 |
TCP |
All ESXi hosts that you will use in the testing process |
EDRM |
Local mail server |
25 |
TCP |
Default mail port number, if you configured another, enter the firewall port you configured on your mail server |
EDRM |
smtp.sendgrid.net |
587 |
TCP |
SendGrid Email SMTP server integrated solution, setting is not required if you are using local mail SMTP server |
EDRM |
source and target VMware SRM |
443 |
TCP |
VMware SRM data mover port number |
EDRM |
source and target VMware vCenter |
443 |
TCP |
VMware vCenter servers |
Zerto for VMware vSphere
Zerto made a shift in version 10.x, transitioning from the Windows-based ZVM to the Linux-based Zerto Virtual Manager Appliance (ZVMA), which integrates microservices for security and authentication. This transition influenced the development of a new iteration of EnsureDR, capitalizing on the enhanced capabilities introduced in Zerto v10.x.
EnsureDR version 4.16 represents the final release that offers support for Zerto on-premise utilizing Windows Appliance version 9.x. With the release of EnsureDR version 4.17, the only supported Zerto version is 10.x which works in conjunction with the Linux Appliance and utilizes the KeyCloak authorization. Details about creating Client ID and Secret can be found in our knowledge base article KB50017.
The Zerto PowerShell module must be installed on EDRM server. The following ports need to be enabled on your firewall to successfully run EnsureDR with Zerto:
Destination |
Port |
Type |
Notes |
|
EDRM |
EDRC |
139, 445 |
TCP/UDP |
SMB port |
EDRM |
ESXi IP addresses |
443, 902 |
TCP |
All ESXi hosts that you will use in the testing process |
EDRM |
Local mail server |
25 |
TCP |
Default mail port number, if you configured another, enter the firewall port you configured on your mail server |
EDRM |
smtp.sendgrid.net |
587 |
TCP |
SendGrid Email SMTP server integrated solution, setting is not required if you are using local mail SMTP server |
EDRM |
source and target VMware vCenter |
443 |
TCP |
VMware vCenter servers |
EDRM |
source and target Zerto server |
443/9669 |
TCP |
Data mover port |
EnsureDR requires the specific configuration to be set up in the Azure Portal for efficient management of the recovery process in Microsoft Azure. Details about these required settings can be found in our knowledge base article KB50016.