Skip to main content
Code42 Support

Reconfiguring Incorrect Port Settings With Network Redirection

Applies to:
  • Code42 CrashPlan (previously CrashPlan PROe)

Overview

This tutorial explains how to use the internal firewall of a host server in order to restore CrashPlan app connectivity when the port number of the primary or secondary network address, or both, was entered incorrectly. However, this workaround only works in certain cases, as discussed below.

Considerations

You will sometimes need to make network configuration changes to a Code42 server that is already functioning in a working Code42 environment. If an incorrect network address is entered in the administration console, endpoint devices can be cut off from communication with the Code42 server. This tutorial explains how to modify the internal firewall settings of a Code42 server in order to restore CrashPlan app connectivity when the following conditions are met:

  • The primary and/or secondary network addresses were entered incorrectly in the administration console.
  • The incorrect settings prevents some or all CrashPlan apps from connecting to the master server for backups, restores, or syncing.
  • The incorrect information is restricted to the port number, but the IP address or hostname itself is correct (or a DNS change can redirect endpoint devices to the master server).

Before you begin

You will need administrative access to your host server in order to complete this task.

Be sure you understand the exact cause of the connectivity issues you are trying to solve before attempting this task. If you input further incorrect information, these steps have the potential to strand even more CrashPlan apps.

Redirect ports on a Linux Code42 server

Before you begin

This process uses the built-in Linux firewall application iptables. Iptables is usually installed by default on most Linux distributions. You should have some familiarity with the Linux command line and iptables before undertaking this process.

You can easily determine whether or not your Code42 server has iptables installed by entering the following command on the Linux command line: iptables

If iptables is installed, you should see output similar to:

iptables v1.4.14: no command specified
Try `iptables -h' or 'iptables --help' for more information.

If iptables is not installed, please follow the procedure for your Linux distribution in order to install iptables.

Older versions of Linux
You may need to modify the instructions below to suit your individual environment. Less recent versions of Linux may lack modules or components referenced here.

Steps

Step 1: Sign in to Code42 server

Sign in to the Code42 server using ssh, in order to gain command-line access. You will need root permissions to modify the firewall rules.

Step 2: Redirect relevant ports with iptables

You will now need to redirect the port that your CrashPlan apps are trying to use based on the wrong primary and/or secondary network addresses to the correct address. For this example, we are making the following assumptions:

  • The devices running the CrashPlan app are trying to connect to port 5282
  • The Code42 server is actually listening on port 4287 (the standard port)

Replace the port number (5282) with the actual mistyped port number from your primary and/or secondary network address settings.

The actual steps for redirecting the ports using iptables:

  1. In your command-line terminal, enter the command: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 5282 -j REDIRECT --to-port 4287
  2. Confirm that the new firewall rule is in effect with the command: iptables -t nat -L -n -v
    • The output of the last command should contain the following:
      Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 2 120 REDIRECT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5282 redir ports 4287

Step 3: Confirm that CrashPlan apps are now able to connect

After you have updated the iptables rules on the Code42 server, devices that are attempting to connect should be able to contact the Code42 server automatically.

To view all connect devices, sign in to the administration console, and select Devices. A green circle in the Online icon Online column means that the device is online and connected to the master server.
Device Overview

Step 4: Correct the mistyped network address/port number in the Code42 server administration console

  1. Sign in to the administration console on your Code42 server.
  2. Go to Settings > Server, and enter the correct values for the primary and/or secondary network addresses.

Step 5: Confirm that devices have received network changes

From a device, go to Settings > Account, then confirm that the primary and secondary network addresses show the corrected values.

Step 6: Delete firewall port redirection rule with iptables (optional)

Once you are certain that the affected user devices have received the corrected changes, you may delete the firewall rule that redirects CrashPlan apps to the correct port.

  • The simplest way to do this is to reboot the Code42 server, as the operating system will not preserve the firewall rule change from above without further steps.
  • You may also delete the firewall rule from the Linux command line.
    1. Enter the following command (be sure to replace the example port of 5282 with the actual "bad" port number from your environment):
      iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 5282 -j REDIRECT --to-port 4287
    2. Confirm that the port redirection rule was deleted with the command:
      iptables -t nat -L -n -v
    3. The output should show that the port redirection rule is now absent.

Redirect ports on a Windows Code42 server

Before you begin

This solution requires the use of the Windows command prompt, and the netsh.exe command. You should be familiar with using the Windows command prompt and netsh.exe. You will need to run the command prompt with administrative privileges. To do this, right-click the command prompt icon from the Windows menu and choose "Run as administrator".

Steps

Step 1: Sign in to Code42 server

You will need administrative access to the Windows server running the Code42 server.

Step 2: Redirect relevant ports with netsh

You will now need to redirect the port that your CrashPlan apps are trying to use based on the wrong primary and/or secondary network addresses to the correct address. For this example, we are making the following assumptions:

  • the devices running the CrashPlan app are trying to connect to port 5282
  • the Code42 server is actually listening on port 4287 (the standard port)

Replace the port number (5282) with the actual mistyped port number from your primary and/or secondary network address settings.

  1. From a Windows command prompt, enter the following command:
netsh interface portproxy add v4tov4 listenport=5282 listenaddress=<ipaddress> connectport=4287 connectaddress=<ipaddress>

Replace <ipaddress> with the address of the server, for example, 192.0.2.0.

  1. Confirm the ports with the following command:
    netsh interface portproxy show all

Step 3: Confirm that CrashPlan apps are now able to connect

After you have used netsh on the Code42 server, devices that are attempting to connect should be able to contact the Code42 server automatically.

To confirm that devices are re-connecting, sign in to the administration console, and select Devices. A green circle in the Online icon Online column means that the device is online and connected to the master server.

Device Overview

Step 4: Correct the mistyped network address/port number in the Code42 server administration console

  1. Sign in to the administration console on your Code42 server.
  2. Go to Settings > Server, and enter the correct values for the primary and/or secondary network addresses.

Step 5: Confirm that devices have received network changes

From a device, go to Settings > Account, then confirm that the primary and secondary network addresses show the corrected values.

Step 6: Delete firewall port redirection rule with netsh (optional)

Once you are certain that the affected user devices have received the corrected changes, you may delete the firewall rule that redirects CrashPlan apps to the correct port.

Using the Windows command prompt, enter the following command (replace the port and IP values below with the actual values from your environment):
netsh interface portproxy delete v4tov4 listenport=5282 listenaddress=192.0.2.10

External resources