Important! The information provided in this section is for general Troubleshooting guidance only. The information is provided on "AS IS" basis, with no guarantee of completeness, accuracy or timeliness, and without warranty or representations of any kind, expressed or implied. In no event will CloudEndure and/or its subsidiaries and/or their employees or service providers be liable to you or anyone else for any decision made or action taken in reliance on the information provided above or for any direct, indirect, consequential, special or similar damages (including any kind of loss), even if advised of the possibility of such damages. CloudEndure is not responsible for the update, validation or support of troubleshooting information.
The following is the basic network diagram for all CloudEndure products.
In general, there are three points of contact for CloudEndure’s components with the external network:
CloudEndure utilizes TCP Port 443 and 1500.
Communication over TCP Port 443:
Communication over TCP Port 1500:
Add the following IP addresses and URLs to your firewall:
Required for all customers
CloudEndure Service ManagerThe CloudEndure server. IP Address (requires for utilizing CloudEndure software)
Amazon S3 service URLs (required for downloading CloudEndure software)
AWS specific (required for customers using AWS)
The Replication ServerThe CloudEndure Machine to which Staging Disks are attached and to which data is replicated; launched on the Target location. requires outbound access to the EC2 endpoint of its AWS region.
Each Source machineThe computer, physical or virtual machine that needs to be protected by replication (Disaster Recovery) or migrated (Migration) The CloudEndure Agent is installed on the Source machine. that is a part of your CloudEndure Disaster RecoveryThe CloudEndure solution that enables the recovery or continuation of vital technology infrastructure and systems in case of a crippling event. or MigrationThe CloudEndure solution that allows you to move data, applications, and other business elements from an onsite network or a cloud environment to another physical location or cloud environment. solution must continuously communicate with the CloudEndure Service ManagerThe CloudEndure server. and CloudEndure Console (console.cloudendure.com) over TCP Port 443. The following are the main operations performed through TCP Port 443:
You can establish communication between the SourceThe location of the Source machine; Currently either a specific Region or Other Infrastructure. machines and the CloudEndure Service ManagerThe CloudEndure server. over TCP Port 443 in two ways:
Note: AWS clients should whitelist s3.amazonaws.com and should not enforce Authentication.
https_proxy – use - https://server-ip:port/Note: The value must end with '/'.
https_proxy environmental variable to set your proxy server. Learn more about Environmental Variables.
On the System Variables section of the Environment Variables pane, click New to add the https_proxy environment variable or Edit if the variable already exists. 
Note: User Variables should not be modified.
Enter https://PROXY_ADDR:PROXY_PORT/ in the Variable value field. Click OK.
Note: Proxy authentication is not supported with environmental variables.
Note: If the Environment Variable was created after the CloudEndure Agent has been already installed, then the Agent needs to be restarted. To restart the Agent:
Windows: Restart the service called CloudEndureService
Linux: Run the following commands:/var/lib/cloudendure/runAgent.sh
Note: You can also add the variable through CMD by using SETX as follows:
1. Open CMD as administrator
2. Run: setx https_proxy https://<proxy ip>:<proxy port>/ /m
The Replication ServersThe CloudEndure Machine to which Staging Disks are attached and to which data is replicated; launched on the Target location. on the Staging AreaA part of the Target location; includes the Replication Servers’ subnet, IPs, and the Replication Servers and their disks. must continuously communicate with the CloudEndure Service ManagerThe CloudEndure server. over TCP Port 443. The main operations that are performed through this route are:
Downloading the Replication SoftwareThe software that is downloaded from the Console by the Replication Servers. It runs on the Replication Servers and it is responsible for writing the replicated data to the Staging area disks. by the Replication ServersThe CloudEndure Machine to which Staging Disks are attached and to which data is replicated; launched on the Target location..
You can establish communication between the Staging AreaA part of the Target location; includes the Replication Servers’ subnet, IPs, and the Replication Servers and their disks. and the CloudEndure Service ManagerThe CloudEndure server. over TCP Port 443 in two ways: direct or indirect communication.
https://
Note: If your proxy uses a non-standard port, then the firewall of the Replication Servers may need to be modified to allow outbound traffic to that specific port. You can modify outbound traffic in the following ways:
Each Source machineThe computer, physical or virtual machine that needs to be protected by replication (Disaster Recovery) or migrated (Migration) The CloudEndure Agent is installed on the Source machine. with an installed AgentThe Agent is a software program that is installed on machines in the Source location that need to be migrated or replicated to the Target location. must continuously communicate with CloudEndure Replication ServersThe CloudEndure Machine to which Staging Disks are attached and to which data is replicated; launched on the Target location. in the Staging AreaA part of the Target location; includes the Replication Servers’ subnet, IPs, and the Replication Servers and their disks. over TCP Port 1500. TCP Port 1500 is needed for the transfer of replicated data from the SourceThe location of the Source machine; Currently either a specific Region or Other Infrastructure. machines to the Staging AreaA part of the Target location; includes the Replication Servers’ subnet, IPs, and the Replication Servers and their disks..
The replicated data is encrypted and compressed when transferred over TCP Port 1500. Prior being moved into the Staging AreaA part of the Target location; includes the Replication Servers’ subnet, IPs, and the Replication Servers and their disks., the data encrypted on the SourceThe location of the Source machine; Currently either a specific Region or Other Infrastructure. infrastructure. The data is decrypted once it arrives at the Staging AreaA part of the Target location; includes the Replication Servers’ subnet, IPs, and the Replication Servers and their disks. and before it is written to the disks.
The required bandwidth for transferring the replicated data over TCP Port 1500 should be based on the write speed of the participating SourceThe location of the Source machine; Currently either a specific Region or Other Infrastructure. machines. The recommended bandwidth should be at least the sum of the average write speed of all replicated SourceThe location of the Source machine; Currently either a specific Region or Other Infrastructure. machines.
Minimal bandwidth = the sum of the write speed of all SourceThe location of the Source machine; Currently either a specific Region or Other Infrastructure. machines
For example, suppose you are replicating two SourceThe location of the Source machine; Currently either a specific Region or Other Infrastructure. machines. One has a write speed of 5 MBps (meaning it 5 megabytes of data every second), while the other has 7 MBps. In this case, the recommended bandwidth should be at least 12 MBps.
To calculate the required bandwidth for transferring replicated data over TCP Port 1500, you need to know the write speed of your SourceThe location of the Source machine; Currently either a specific Region or Other Infrastructure. machines. Use the following tools to find the write speed of your Source machines:
iostat command-line utility, located in the systat package. The iostat utility monitors system input/output device loading and generates statistical reports.iostat utility is installed with yum (RHEL/CentOS), via apt-get (Ubuntu), and via zypper (SUSE.)iostat for checking the write speed of a Source machineThe computer, physical or virtual machine that needs to be protected by replication (Disaster Recovery) or migrated (Migration) The CloudEndure Agent is installed on the Source machine., enter the following:-x - displays extended statistics.<interval> - the number of seconds iostat waits between each report. Each subsequent report covers the time since the previous report.For example, to check the write speed of a machineA physical or virtual computer. every 3 seconds, enter the following command:iostat -x 3
We recommend that you run the iostat utility for at least 24 hours, since the write speed to the disk changes during the day, and it will take 24 hours of runtime to identify the average running speed.
DiskMon application. DiskMon logs and displays all hard disk activity on a Windows system. ©2020 COPYRIGHT CloudEndure - Terms of Service - Privacy Policy - AWS Vulnerability Reporting Guidelines - Report a Security Issue