When do I actually need to configure network topologies in Commvault?

Network topology configuration is only required when the default automatic tunneling ports (8400 and 8403) cannot be used or cannot be opened bidirectionally. If both ports are accessible between components, Commvault handles communication automatically without additional configuration.

What is the difference between a network gateway and a cascading gateway?

A network gateway is a single dedicated Commvault agent in a perimeter network that tunnels connections between external and internal clients. A cascading gateway configuration uses multiple gateways across different network zones, where each gateway communicates with the next to maintain secure tunneled connections across multiple security boundaries.

Configuring Network Topologies, Gateways & Firewall Routes

Name: Configuring Network Topologies, Gateways & Firewall Routes
Uploaded: 2026-03-25T07:15:41-04:00
Duration: 7 min 27 s
Description: TL;DR Commvault uses port 8400 for communication and port 8403 for automatic tunneling when dynamic ports are blocked, requiring no additional network configuration in most environments. Network topologies simplify firewall configurations by defining c...

Commvault

03/25/2026

0 (0%)

Report Like Favorite

TL;DR

Commvault uses port 8400 for communication and port 8403 for automatic tunneling when dynamic ports are blocked, requiring no additional network configuration in most environments.
Network topologies simplify firewall configurations by defining communication rules between server groups, with options for one-way routes (client-initiated only) and two-way routes (bidirectional).
Network gateways are dedicated agents placed in perimeter networks that authenticate, encrypt, and tunnel connections between external clients and internal infrastructure, supporting NAT operations.
Cascading gateway configurations enable secure communication across multiple network zones by chaining gateway agents that authenticate and encrypt tunnel connections between zones.

This technical tutorial provides a comprehensive walkthrough of Commvault network configuration options for managing communication between backup infrastructure components across firewalls and segmented networks. The video explains how Commvault components use both standard communication ports and dynamic ports for data transfer, with automatic tunneling capabilities that encapsulate traffic through port 8403 when dynamic ports are blocked. Administrators learn that network topology configuration is only necessary when default automatic tunneling cannot be used or when specific firewall rules require custom routing. The tutorial covers the key topology types available in Commvault, including one-way network routes where only one side can initiate connections (typically client servers connecting to infrastructure in untrusted zones like DMZs), and two-way network routes that allow bidirectional communication with port restrictions. Network gateways are explained as dedicated Commvault agents placed in perimeter networks that authenticate, encrypt, and tunnel connections between external and internal clients, with support for NAT operations. The video also addresses cascading gateway configurations for environments spanning multiple network zones, where gateways in each zone communicate with each other to maintain secure tunneled connections. Port forwarding scenarios are covered for situations where internal infrastructure is exposed through a single external IP address, allowing specific gateway ports to forward connections to internal servers. The demonstration portion walks through creating a cascading gateway topology in the Commvault interface, showing how to select client groups, configure infrastructure machines using manual groups or smart groups, and set advanced options including encryption, tunnel protocol selection, and parallel data transfer stream configuration.

Chapters

0:00 - Network Configuration Fundamentals
1:17 - When Configuration Is Required
2:04 - Network Topology Types
3:53 - Network Gateways
4:23 - Cascading Gateways
5:53 - Creating a Network Topology

Key Quotes

1:01 "There is no need to configure any network topologies or network routes in the convult software. The only requirement is that the communication port 8400 and tunnel port 8403 are open and accessible between the components."
1:33 "Convult software uses network topologies to simplify network configurations between server groups."
3:53 "The Commvault network gateway is a special configuration in which a dedicated Commvault agent is placed in a perimeter network that is configured to allow connections into the perimeter network."
4:05 "The network gateway authenticates, encrypts and allows the tunnel connections it accepts to connect the clients operating outside of the private network to clients operating inside of it."

Categories:

» Webinar Library » Commvault
» Data Protection

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

05/12/2026

11:30 PM

05/12/2026

Implementing Effective Strategies for Active Directory Security and Data Protection

https://www.truthinit.com/index.php/channel/1888/implementing-effective-strategies-for-active-directory-security-and-data-protection/
05/13/2026

01:00 AM

05/13/2026

Transforming the Black Box: Reveal Hidden Threats and AI Risks through Data Lineage

https://www.truthinit.com/index.php/channel/1890/transforming-the-black-box-reveal-hidden-threats-and-ai-risks-through-data-lineage/
05/13/2026

05:00 AM

05/13/2026

Transforming the Black Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1894/transforming-the-black-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/19/2026

01:00 PM

05/19/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Deployment Phases

https://www.truthinit.com/index.php/channel/1936/establishing-a-robust-ai-governance-framework-for-genai-throughout-deployment-phases/
05/20/2026

08:00 AM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1937/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/20/2026

10:00 PM

05/20/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1953/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/21/2026

11:00 AM

05/21/2026

The Autonomous Era: Orchestrating a Resilient Enterprise

https://www.truthinit.com/index.php/channel/1372/the-autonomous-era-orchestrating-a-resilient-enterprise/
05/27/2026

04:00 AM

05/27/2026

Rivoluziona i rischi dell'AI in opportunità con Netskope AI Security

https://www.truthinit.com/index.php/channel/1925/rivoluziona-i-rischi-dellai-in-opportunità-con-netskope-ai-security/
05/27/2026

10:00 AM

05/27/2026

Harnessing AI: Transitioning from Illusion to Purposeful Mastery

https://www.truthinit.com/index.php/channel/1924/harnessing-ai-transitioning-from-illusion-to-purposeful-mastery/
05/28/2026

01:00 PM

05/28/2026

Harnessing AI for Smaller Teams: Strategies for Secure Implementation

https://www.truthinit.com/index.php/channel/1951/harnessing-ai-for-smaller-teams-strategies-for-secure-implementation/
06/02/2026

01:00 PM

06/02/2026

Spring of Satori: Delving into Recent Findings and the 2026 Threat Landscape

https://www.truthinit.com/index.php/channel/1930/spring-of-satori-delving-into-recent-findings-and-the-2026-threat-landscape/
06/04/2026

02:00 AM

06/04/2026

Mastering the Unseen: Managing Shadow AI and Agentic MCP Traffic

https://www.truthinit.com/index.php/channel/1948/mastering-the-unseen-managing-shadow-ai-and-agentic-mcp-traffic/
06/16/2026

07:00 AM

06/16/2026

Transforming Data Risk into Actionable Priorities: Essential Fixes First

https://www.truthinit.com/index.php/channel/1952/transforming-data-risk-into-actionable-priorities-essential-fixes-first/