Tomcat

If you have installed Commvault Web Console on a Windows Core server you may wonder why you cannot reach the tomcat server on this host. You have for sure configured the firewall with the setup and added the exceptions to the windows firewall, but it is still boarded-up.

Reason:

• Commvault has missed to add the tomcat process to the exception list as the executable is not inside Simpana\Base folder.

Solution:

• Add the exception manually by running the command:
  
  Simpana 10.x:
  netsh advfirewall firewall add rule action=allow dir=in program="C:\Program Files\CommVault\Simpana\Apache\bin\tomcat6.exe" name="CommVault_Process_1_tomcat6 / C:\Program Files\CommVault\Simpana\Apache\bin\tomcat6.exe" enable=yes
  
  Simpana 11.x:
  netsh advfirewall firewall add rule action=allow dir=in program="C:\Program Files\Commvault\ContentStore\Apache\bin\tomcat.exe" name="CommVault_Process_1_tomcat / C:\Program Files\Commvault\ContentStore\Apache\bin\tomcat.exe" enable=yes

History:

I just installed a Web Console on Windows 2012 R2 Core server and learned how insecure this system is out of the box. You may have worked through the Post-Installation Configurations for Web Server and Web Console. This ends with an highly insecure web server configuration. The SSL encryption is sooo weak that I tend to say you can also leave SSL switched off. You can check your server with SSL Server Test. Commvault default with Java 7 will end with the most worse test result of F.