Network ports for Site Recovery Manager 6.1

Hi All,

Toady I found good KB article about SRM ports which are required for successful implementation and site pairing.

Site Recovery Manager can experience problems if the required network ports are not open.

In a Site Recovery Manager deployment, both the protected site and the recovery site must be able to resolve the vCenter Server instance by name. The correct ports must be open on both sites for uninterrupted communication.

vCenter Server and ESXi Server network port requirements for Site Recovery Manager 6.1

Site Recovery Manager requires certain ports to be open on vCenter Server, Platform Services Controller, and on ESXi Server:

Default Port	Protocol or Description	Source	Target	Description
443	HTTPS	Site Recovery Manager	vCenter Server	Default SSL Web port
443	HTTPS	Site Recovery Manager	Platform Services Controller	Traffic from Site Recovery Manager Server to local and remote Platform Services Controller.
902	TCP and UDP	Site Recovery Manager Server on the recovery site	Recovery site ESXi host	Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with IP customization, with configured callout commands on recovered virtual machines, or that use raw disk mapping (RDM). All NFC traffic for updating or patching the VMX files of virtual machines that are replicated using vSphere Replication use this port.

Site Recovery Manager Server 6.1 network ports

The Site Recovery Manager Server instances on the protected and recovery sites require certain ports to be open.

Note: Site Recovery Manager Server at the recovery site must have NFC traffic access to the target ESXi servers.

Default Port	Protocol or Description	Source	Target	Endpoints or Consumers
443	HTTPS	Site Recovery Manager	vCenter Server	Default SSL Web Port for incoming TCP traffic
443	HTTPS	Site Recovery Manager	Platform Services Controller	Traffic from Site Recovery Manager Server to local and remote Platform Services Controller.
902	TCP and UDP	Site Recovery Manager Server on the recovery site	Recovery site ESXi host	Traffic from the Site Recovery Manager Server on the recovery site to ESXi hosts when recovering or testing virtual machines with IP customization, with configured callout commands on recovered virtual machines, or that use raw disk mapping (RDM). All NFC traffic for updating or patching the VMX files of virtual machines that are replicated using vSphere Replication use this port.
1433	TCP	Site Recovery Manager	Microsoft SQL Server	Site Recovery Manager connectivity to Microsoft SQL Server (for Site Recovery Manager database)
1521	TCP	Site Recovery Manager	Oracle Database Server	Site Recovery Manager database connectivity to Oracle
1526	TCP	Site Recovery Manager	Oracle Database Server	Site Recovery Manager database connectivity to Oracle
9086	HTTPS	vSphere Web Client	Site Recovery Manager	All management traffic to Site Recovery Manager Server goes to this port. This includes traffic by external API clients for task automation and HTTPS interface for downloading the UI plug-in and icons. This port must be accessible from the vCenter Server proxy system. Used by vSphere Web Client to download the Site Recovery Manager client plug-in.

Network ports that must be open on Site Recovery Manager and vSphere Replication Protected and Recovery sites

Site Recovery Manager and vSphere Replication require that the protected and recovery sites can communicate.

Port	Protocol or Description	Source	Target	Endpoints or Consumers
31031	Initial replication traffic	ESXi host	vSphere Replication appliance on the recovery site	From the ESXi host at the protected site to the vSphere Replication appliance at the recovery site.
44046	Ongoing replication traffic	ESXi host	vSphere Replication appliance on the recovery site	From the ESXi host at the protected site to the vSphere Replication appliance at the recovery site.
8043	HTTPS	Site Recovery Manager	vSphere Replication appliance on the recovery and protected sites	Management traffic between Site Recovery Management instances and vSphere Replication appliances.

Note: Newly configured replication will use only 31031, existing replications will continue to use 44046 until reconfigured.

Site pairing port requirements

Port	Source	Target	Description
9086	vCenter Server	SRM server target site	vCenter and target SRM communication
9086	SRM server	SRM server on target site	SRM to SRM communication
443	SRM	PSC and vCenter	SRM to vCenter communication – local and remote

Read More

Windows 2008 R2, 2012 & 2016 force boot in Safe mode, DSRM and safe mode with networking

Last week a operations engineer were struggling for booting a windows 2008r2 VM in safe mode. I though of writing blog post for steps booting any Windows in safe mode.

With any windows VM pressing F8 option is very painful task as VM will enter into booting process as soon as you start the VM.

Till physical windows box F8 is very common option to select the boot mode. but if you want to boot windows box forcefuly in SAFE MODE you can use easy option called MSCONFIG.

1) login to system with admin credentials

2) Open RUN and type command 'MSCONFIG' (without quotes)

3) Hit enter

4) in MSconfig window click on Boot menu tab.

5) Check the option Safe Boot and click on OK button

6) Reboot the system, and it will boot in safe mode automatically.

Note: also revert the change back to normal mode by removing checkbox for safe mode

You can still use F8 option to use multiple boot option as well.

Thanks for reading.

Rated 4.6/5 based on 6799 reviews

Read More

Stopping & Starting firewall with command: Automation

After long time writing post.

Toady found very good automation which can help you start & stop firewall with some small commands.

its very useful for creating script / automation for windows customization 

To check the status of firewall
Netsh Advfirewall show allprofiles

To turn of firewall
NetSh Advfirewall set allprofiles state off

To Turn On firewall
NetSh Advfirewall set allrprofiles state on

to run this command make sure you have enough permission like admin account access on server / workstation.

Read More

Remove Windows Search version 4 from XP & 2003, try the following steps:

1. Start by running up Add & Remove Programs from the control panel and look for Windows Desktop Search in the list. Unlike with version 3, Windows Search v4 should be there.
2. If not, open a cmd window (click on Start, then “Run..” and type cmd in the Run dialogue that then appears). Then copy and paste the following line into the cmd window:

   %systemroot%\$NtUninstallKB940157$\spuninst\spuninst.exe

3. If that also fails and you get a “The system cannot find the path specified.” error, then I have zipped up a copy that you can download from here. To work out where to extract it to, type:

   echo %systemroot%

   into your cmd window and note the location it points to (it is likely to be C:\Windows, but may not be if you upgraded to XP for Windows 2000 for example). Open the zip file, and extract the $NtUninstallKB940157$ to this location. Now repeat step 2.

Update: Thanks to “Derek” for pointing out to me that I’d missed the “bleedin’ obvious”, ie that v4 can be removed via “Add Remove Programs”. I’ve added this as step 1 as a consequence. Steps 2 and 3 are likely redundant, but I’ve left them in for completeness.

Read More

Windows Search 4.0 Administrator's Guide

Windows Search 4.0 has a number of new features and enhancements that can help IT professionals deploy and maintain desktop search:

• Improvements in performance and stability of the indexer
• Fuller complement of Group Policy settings, available on all supported operating systems
• Fast sorting and grouping of results in Windows Explorer
• Improvements in indexing online e-mail
• Ability to index delegate mailboxes for online e-mail
• Support for indexing encrypted documents of local file systems
• Expanded ability to do fast remote queries of file shares, including on Windows XP and Server 2003
• Automatic indexing of shared folders
• Improvements in previews for earlier, supported operating systems (Windows Server 2003 and Windows XP)

Windows Search 4.0 extends the ability to search across remote desktops. Previously, only Windows Vista users could query recognizable indexes on remote Vista computers; now, WS4 enables users to query remote computers running any supported operating system. Remote querying includes the following features:

• Queries work across all supported OSes (Windows XP, Server 2003, Home Server, and Vista).
• All shared NTFS folders are automatically indexed (excludes all FAT file systems).
• All shared, and therefore indexed, locations can be remotely queried.

The location on the remote computer must be shared and it must be indexed. With Group Policy, administrators can control whether shared locations are automatically indexed.

Querying from Windows Vista or Windows Server 2008

To query a remote computer, users use Windows Explorer to browse the shared, indexed folder on another machine and enter their searches in Explorer’s search box. If the location is not indexed, then Vista falls back to a slower GREP search instead of WS4.

Querying from Windows XP or Windows Server 2003

To query a remote computer, users select the location from their All Locations menu and enter their search query as usual. First, of course, they must add the remote location to their search scope:

1. From the Windows Search UI, click the All Locations menu and select Add Location.
2. Enter the full path of the location, or browse to the location.

Once added, the new location appears at the bottom of the All Locations menu allowing users to select that location to search in. In the same way, users can remove a location by selecting Remove Location. If the remote location is not indexed, a message appears advising users that the location cannot be searched.

Read More

Caught A VIRUS? Don't worry keep reading.

                                        Caught A Virus?

If you've let your guard down--or even if you haven't--it can be hard to
tell if your PC is infected. Here's what to do if you suspect the worst.




Heard this one before? You must run antivirus software and keep it up to
date or else your PC will get infected, you'll lose all your data, and
you'll incur the wrath of every e-mail buddy you unknowingly infect because
of your carelessness.

You know they're right. Yet for one reason or another, you're not running
antivirus software, or you are but it's not up to date. Maybe you turned
off your virus scanner because it conflicted with another program. Maybe
you got tired of upgrading or maybe your annual subscription of virus definitions recently
expired, and you've put off renewing.

It happens. It's nothing to be ashamed of. But chances are, either you're
infected right now, as we speak, or you will be very soon.

For a few days, the Netsky.p worm was infecting about 2,500
PCs a day. Meanwhile the MySQL bot infected approximately 100 systems a
minute (albeit not necessarily desktop PCs). As David Perry, global
director of education for security software provider Trend Micro, puts it,

"An unprotected [Windows] computer will become owned by a bot within 14
minutes."

Today's viruses, worms, and so-called bots--which turn your PC into a
zombie that does the hacker's bidding (such as mass-mailing spam)--aren't
going to announce their presence. Real viruses aren't like the ones in
Hollywood movies that melt down whole networks in seconds and destroy alien
spacecraft. They operate in the background, quietly altering data, stealing
private operations, or using your PC for their own illegal ends. This makes
them hard to spot if you're not well protected.

Is Your PC "Owned?"

I should start by saying that not every system oddity is due to a virus,
worm, or bot. Is your system slowing down? Is your hard drive filling up
rapidly? Are programs crashing without warning? These symptoms are more
likely caused by Windows, or badly written legitimate programs, rather than
malware. 

After all, people who write malware want to hide their program's
presence. People who write commercial software put icons all over your
desktop. Who's going to work harder to go unnoticed?

Other indicators that may, in fact, indicate that there's nothing that you
need to worry about, include:

* An automated e-mail telling you that you're sending out infected mail.
E-mail viruses and worms typically come from faked addresses.

* A frantic note from a friend saying they've been infected, and therefore
so have you. This is likely a hoax. It's especially suspicious if the note
tells you the virus can't be detected but you can get rid of it by deleting
one simple file. Don't be fooled--and don't delete that file.

I'm not saying that you should ignore such warnings. Copy the subject line
or a snippet from the body of the e-mail and plug it into your favorite
search engine to see if other people have received the same note. A
security site may have already pegged it as a hoax.

Sniffing Out an Infection:

There are signs that indicate that your PC is actually infected. A lot of
network activity coming from your system (when you're not actually using
Internet) can be a good indicator that something is amiss. A good software
firewall, such as ZoneAlarm, will ask your permission before letting
anything leave your PC, and will give you enough information to help you
judge if the outgoing data is legitimate. 

If you're interested in being a PC detective, you can sniff around further
for malware. By hitting Ctrl-Alt-Delete in Windows, you'll bring up the
Task Manager, which will show you the various processes your system is
running. Most, if not all, are legit, but if you see a file name that looks
suspicious, type it into a search engine and find out what it is.

Want another place to look? In Windows XP, click Start, Run, type
"services.msc" in the box, and press Enter. You'll see detailed
descriptions of the services Windows is running. Something look weird?
Check with your search engine.

Finally, you can do more detective work by selecting Start, Run, and typing
"msconfig" in the box. With this tool you not only see the services
running, but also the programs that your system is launching at startup.
Again, check for anything weird.

If any of these tools won't run--or if your security software won't run--
that in itself is a good sign your computer is infected. Some viruses
intentionally disable such programs as a way to protect themselves.

What to Do Next:

Once you're fairly sure your system is infected, don't panic. There are
steps you can take to assess the damage, depending on your current level of
protection.

* If you don't have any antivirus software on your system, or if the
software has stopped working, stay online and go for a free scan at one of
several Web sites. There's McAfee FreeScan, Symantec Security Check, and
Trend Micro's HouseCall. If one doesn't find anything, try two.

 In fact, running a free online virus scan is a good way to double-check the work of
your own local antivirus program. When you're done, buy or download a real
antivirus program.

* If you have antivirus software, but it isn't active, get offline, unplug
wires-- whatever it takes to stop your computer from communicating via the
Internet. Then, promptly perform a scan with the installed software.

* If nothing seems to be working, do more research on the Web. There are
several online virus libraries where you can find out about known viruses.
These sites often provide instructions for removing viruses--if manual
removal is possible--or a free removal tool if it isn't. Check out , Eset's
Virus Descriptions, McAffee's Virus Glossary, Symantec's Virus
Encyclopedia, or Trend Micro's Virus Encyclopedia.

A Microgram of Prevention:

Assuming your system is now clean, you need to make sure it stays that way.
Preventing a breach of your computer's security is far more effective than
cleaning up the mess afterwards. Start with a good security program.

Don't want to shell out any money? You can cobble together security through
free downloads, such as AVG Anti-Virus Free Edition, ZoneAlarm (a personal
firewall), and Ad-Aware SE (an antispyware tool).

Just make sure you keep all security software up to date. The bad guys
constantly try out new ways to fool security programs. Any security tool
without regular, easy (if not automatic) updates isn't worth your money or
your time.

Speaking of updating, the same goes for Windows. Use Windows Update (it's
right there on your Start Menu) to make sure you're getting all of the high
priority updates. You can check by right-clicking on 'My Computer'

Here are a few more pointers for a virus-free life:

* Be careful with e-mail. Set your e-mail software security settings to
high. Don't open messages with generic-sounding subjects that don't apply
specifically to you from people you don't know. Don't open an attachment
unless you're expecting it.

* If you have broadband Internet access, such as DSL or cable, get a
router, even if you only have one PC. A router adds an extra layer of
protection because your PC is not connecting directly with the Internet.

* Check your Internet ports. These are doorways between your computer and
the Internet can be open, in which case your PC is very vulnerable; closed,
but still somewhat vulnerable; or stealthed (or hidden), which is safest.

Visit Gibson Research's Web site and run the free ShieldsUP test to see
your ports' status. If some ports show up as closed--or worse yet, open--
check your router's documentation to find out how to hide them.

Please let us know if you found this information useful by posting a comment below.

Thank you.

Read More