Skip to main content

Who is this article for?

Code42 for Enterprise
CrashPlan for Enterprise

Incydr, no.

CrashPlan for Enterprise, yes.

Code42 for Enterprise, yes.

CrashPlan for Small Business, no.

This article applies to on-premises authority servers.

Code42 Support

Managed appliance installation guide

Who is this article for?

Code42 for Enterprise
CrashPlan for Enterprise

Incydr, no.

CrashPlan for Enterprise, yes.

Code42 for Enterprise, yes.

CrashPlan for Small Business, no.

This article applies to on-premises authority servers.


The Code42 managed appliance and Managed Private Cloud (MPC) are systems for which Code42 provides hardware and remote monitoring and management. This guide is intended to assist you in unboxing, installing, configuring, and maintaining your managed appliance or Managed Private Cloud.

Before you begin

Prepare these physical requirements for your Managed Private Cloud:

  • Dual 110-240V power sources (standard power cables are included)
    • Power requirements vary from 230W to 460W, depending on model
  • 2-4 U rack space per managed appliance
  • 2 ethernet connections
  • Monitor and keyboard for initial setup

Set up your Managed Private Cloud


When you receive your Managed Private Cloud, open the boxes and verify the contents of your appliance shipment. Each managed appliance contains the following:

Box Contents

  1. Managed appliance
  2. Rack mount rails (2)
  3. Power cords (4)
  4. Hard drives
    Hard drives are shipped separately and are pre-mounted in hot swap carriers

Rack the managed appliance

  1. Unbox and inspect the managed appliance, drives, and other hardware for any physical damage that may have occurred during shipping.
  2. Rack the chassis using the included quick-lock rails.
    Due to the physical size and weight of the managed appliance, we recommend that two people work together to place your managed appliance in your server rack.

Insert Server Into Rack
See the chassis user guide for detailed server installation instructions.

Connect cables and power on your managed appliance

  1. Install the included hard drives in the managed appliance.
    • The serial number of the managed appliance is marked on the box the drives were shipped in.
    • The hard drives can be installed in any order within a managed appliance as long as the serial numbers match. It is critical that you match each drive to the managed appliance for which it was intended.
  2. Connect a keyboard (USB) and monitor (VGA) for initial setup.
  3. Plug in the Ethernet cable(s) to the two RJ45 ports labeled eth0 and MGT
  4. Plug in the MGT/IPMI cable
  5. Plug in the SAS cable
  6. Plug in the power cables
    Requires two 110-220V auto-sensing power supplies

Port Diagram

  1. Power on the managed appliance

Verify power supply and drive status

Check the power supply indicator lights to verify that each drive is working properly. For managed appliances, drive lights should be blue, except for the hot spare drives, which will double-blink red. The indicator lights reveal the status of each individual drive. All managed appliances use the IBPI (International Blinking Pattern Interpretation) standard.

For more information, refer to our short guide to indicator lights.

Network configuration

Gather the following network configuration information before you begin installation:

  • Hostname (e.g.
  • Host (e.g. myhost)
  • IP Address for ETH0 (e.g.
  • Netmask for ETH0 (e.g.
  • Gateway Address (e.g.
  • IPMI IP Address (e.g.
  • IPMI Subnet Mask (e.g.
  • IPMI Gateway (e.g.
  • DNS Server(s) (e.g.
  • DNS Search domain(s) (e.g.
  • NTP Network Time Server (e.g.
  • Email Server (e.g.
  • Region/Timezone (e.g. “America/Chicago” or “Asia/Singapore”)
To decrease any risk of intrusion, customers with a managed appliance should ensure the intelligent platform management interface (IPMI) is on its own out-of-band network. If you have questions, contact our Customer Champions for Code42 for Enterprise support.

Firewall configuration

Prepare the following firewall rules on your network before the managed appliance installation. We have divided these firewall rules between your managed appliance, Monitoring, and Cloud Storage rules.

Code42 server network ports

The following tables list the default Code42 server ports.

Inbound ports

In firewalls:

  • Open port 4287 for inbound requests from Code42 apps.
  • Open port 4285 for inbound requests from browsers and from Code42 apps version 6.5 and later.
  • Open 4280 only in the rare case where your server does not use TLS security.
Port forwarding
You can use port forwarding, also called port mapping, to avoid port conflicts and port restrictions within your Code42 environment and on other networks.
Port(s) Protocol Source Destination Description

4287 (TLS)

  • LAN networks
  • Internet

Your authority server

  • Backup traffic from internal and external endpoints
  • Statistics and job status from internal and external endpoints
Your storage servers Backup traffic from internal and external endpoints
4280 (HTTP)
4285 (HTTPS)
  • LAN networks
  • Internet
Your authority server and storage servers
  • Browser access to Code42 consoles, and to web restore to internal and external endpoints
  • For Code42 servers 6.5 and later deploying Code42 apps 6.5 and later, access for client deployment and customization.
Inbound IP addresses

For best results, we recommend that you allow inbound requests to your Code42 authority server from all the Code42 cloud storage IP addresses.

Outbound ports

In firewalls:

  • Open ports 25, 53, 123, and 443 to let your Code42 servers send requests to mail, DNS, NTP (Network Time Protocol) servers, and the Code42 license server.
  • Open an LDAP or RADIUS port only if you use one of those services.
  • Open port 5432 only for a server that uses a PostgreSQL database.
    • Open 5432 if PostgreSQL resides at an IP address other than the server's address,
    • Or open 5432 if PostgreSQL and your server share the same address, but your firewall otherwise blocks connections to localhost.
Specific IPs
For specific Code42 IP addresses, contact our Customer Champions for support.
Port(s) Protocol Source Destination Description
25 TCP Your Code42 server Mail Server(s) SMTP services
53 UDP Your Code42 server DNS Server(s) DNS services
123 UDP Your Code42 server NTP Server(s) NTP services
443 TCP Your Code42 server

Code42 product license/subscription service

TCP Your Code42 server

Managed appliance and monitored authority upgrade files

389 (LDAP)
636 (LDAPS)
TCP Your authority server LDAP or Active Directory Server(s) Integration with LDAP or Active Directory services
UDP Your Code42 server RADIUS Server(s) RADIUS services
5432 TCP Your Code42 server PostgreSQL Database service

Multi-server deployment ports

If you use multiple Code42 servers, most likely one authority server and one or more storage servers, then in the firewall that protects each server:

  • Open 4283 only in the rare cases where your servers do not use TLS security.
  • Open port 4287 and 4288, both inbound and outbound, for server-to-server communications using TLS security.
  • (Version 7.0 and earlier) Open port 4286, both inbound and outbound, also for server-to-server communications.
Port(s) Protocol Source Destination Description


4287 (TLS)

4288 (TLS)


Your Code42 server

Your Code42 server Data balancing between Code42 servers

(Version 7.0 and earlier)

Your Code42 server

Your Code42 server Statistics traffic between Code42 servers

Monitor ports

In order to allow Code42 to monitor your managed appliance, you need to configure your network to allow communication from Code42.

Only apply firewall rules for monitoring if you use Code42's managed appliance monitoring.

Specific IPs
For specific IPs, contact our Customer Champions for support.
Port(s) Protocol Source Destination Description

(Cloud OS only)

TCP Your Code42 server

Code42 Monitoring Address

Remote monitoring (Zabbix)

(Pre-Cloud OS only)

TCP Your Code42 server

Code42 Monitoring Address

Remote monitoring (Zabbix)
22 TCP

Code42 Remote Access IP

Your Code42 server Remote SSH access from Code42 offices

Code42 Remote Access IP

Your Code42 server Remote console access from Code42 offices

Code42 Remote Access IP

Your authority server's IPMI Interface Remote IPMI access from Code42 offices
623 TCP Your authority server's IPMI Interface

Code42 Remote Access IP

Remote IPMI access from Code42 offices

Code42 for Enterprise cloud storage ports

Configure your managed appliance

When you power on the managed appliance and the operating system loads, the main command line interface (CLI) console opens. Type commands at the command prompt.

Configure with the set command

Use the following set commands for initial system setup. These commands allow you to configure the time zone, IPMI, and Primary Network Interface for your Managed Private Cloud. Type set and press tab twice to display all available set commands. The following sections walk through each command:

  • set-tz
  • set-ipmi
  • set-net

Set the time zone

Use set-tz to set the local time zone for your managed appliance

set-tz prompt: Example entry
Geographic area America
Time zone Chicago

If the clock on your managed appliance is incorrect, use ntpdate to retrieve the correct time from the configured NTP server.

Configure IPMI

The IPMI Remote Management console enables remote web administration of the managed appliance. IPMI uses a dedicated network device and has its own network configuration. Use set-ipmi to configure the IPMI for your managed appliance.

set-ipmi prompt: Example entry
How should the IPMI get its address? dhcp
IP for IPMI interface <IP address>, e.g.,
Netmask for IPMI interface <mask>, e.g.,
Gateway for IPMI interface <gateway>, e.g.,
Should the IPMI interface be restarted after networking changes? yes

Configure the primary network interface

The primary network interface contains the hostname, IP address and other network settings that the Code42 for Enterprise managed appliance will use to communicate across your network. Use set-net to configure the primary network interface for your managed appliance.

set-net prompt: Example entry
Enter the desired hostname (or leave blank) <hostname>, e.g.,
Please enter an NTP server hostname/IP <NTP server>, e.g.,
Network Pattern static-single
Please enter DNS server(s) separated with commas <DNS server1> <optional DNS server 2>, e.g.,,
Enter the domain name (or leave blank) <domain information>, e.g.,
Please enter IPv4 address for eth0 <IP address>, e.g.,
Please enter IPv4 netmask for eth0 <mask>, e.g.,
Please enter the WAN gateway address for eth0 <gateway>, e.g.,
Would you like to continue with these settings?

Yes to continue. No to exit set-net.

Once the primary network interface has been configured, run the restart-networking command to apply the settings.

Test IPMI settings

Run show-all at the command prompt to view all current network settings. You can also view only the IPMI settings with show-ipmi.

Open a browser and navigate to the IPMI IP address. You should see the following screen:

IPMI Sign In

Contact your Code42 software engineer to test IPMI access, as well as any other external access methods that you have chosen to make available, including SSH access, remote Code42 console access, or others.

Maintain your managed appliance

Monitor for issues

Code42 managed appliance monitoring allows Code42 to configure your managed appliance for performance and reliability. Code42 monitors these status elements and problem indicators, as well as others:

  • Code42 for Enterprise service status
  • Code42 for Enterprise version and update availability
  • Power supply failures
  • Drive failures
  • Out of memory alerts
  • Low disk space alerts
  • Out of disk space alerts
  • RAID array health
  • Database health
  • Web Code42 console responsiveness

For more information on Code42's managed appliance monitoring service, contact our Customer Champions for Code42 for Enterprise support.

Code42 for Enterprise server logs

You can view the Code42 for Enterprise server logs through the Code42 console from Server > Settings > System logs: View.

From the server log view, a drop-down menu lets you choose the log file you wish to view.

Log name Description (0 is the newest log) Primary repository of events, errors, and data. Check this log first for any exceptions.
request-[date].log Lists all of the web requests made to the internal web server.
history.log.X (0 is the newest log) Lists system alerts and general events that have occurred on the server.

Change your IP or IPMI addresses

Throughout the life of your Code42 for Enterprise managed appliance, you may need to change the network configuration of the primary network interface or the IPMI. Do this by running the set-net command to change the IP address and configure the primary network interface or the set-ipmi command to change the IP address of the IPMI.

Contact support at Code42

Contact our Customer Champions for support. For more details, see Code42 enterprise support policy.

Command-line reference

Press TAB twice to display all available commands.

Command Description
apt-retrieve-credentials Retrieve credentials and set up via code42.cfg
Generate a unique password and upload credentials
clear Clear the command screen*
date Display the current date and time*
df Display available disk space on the filesystem*
factory-defaults Completely removes the contents of the code42.cfg
firewall on Enable iptables firewall rules set within /etc/iptables/rules.v4
firewall off Disable iptables firewall rules set within /etc/iptables/rules.v4
free Display total free and used physical and swap memory, and buffers used by the kernel*
history Display the recent commands executed*
hostname Display the system's hostname*
iostat Displays the current CPU load average and disk I/O utilization, providing a great way to monitor your disk I/O usage*
ipmi-factory-defaults Reset IPMI settings to factory defaults
ipmi-password Set an IPMI password
ipmi-reload Re-issues IP/DHCP/networking configuration commands from the code42.cfg to the IPMI
ipmi-reset Reboots the IPMI interface


Configure the IPMI network settings
last-known-good Reverts to a previously set known good configuration
lsicmd Display drive status
netstat Print information about the Linux networking subsystem*
ntpdate Set the local date and time by polling the Network Time Protocol (NTP) given as the server arguments to determine the correct time*
ping Use to check that there is a network communication to another computer*
poweroff Shut down the appliance*
ps Give a snapshot of the current processes*
reboot Reboot the system*
restart-networking Restarts networking, applying network changes
set-ipmi Configure the IPMI network settings
set-monitoring Configure the server to contact for monitoring
set-net Run the network configuration wizard
set-tz Run the time zone configuration wizard
show-all Display all configuration settings
show-ipmi Display all IPMI devices
show-net Display network configuration settings
show-raid Display virtual drive info
show-serial Display the serial number of the managed appliance
show-version Display appliance, CLI, and Pepper version numbers
silencealarm Silence any audible alarms, such as a failed drive alarm
tcpdump Analyzes TCP/IP and other packets transmitted or received by a network*
top Display the top CPU processes*
traceroute Print the route that packets take to the network host*
uptime Display how long the system has been running*
w Displays the users currently logged in, and lists their running processes*

* - indicates this command is a native Linux command. For full information on Linux commands, please view the command's man page. Note that man pages are not installed on the managed appliance operating system.