Here’s the down and dirty on what I setup.
VBR Server — veeam01.notyourdomain.com: 192.168.100.12
Repo Server – lnxrepo01.notyourdomain.com: 192.168.100.101
Public IP — 220.127.116.11
On the Repo Server I added an IP alias that is the same as the public IP: 18.104.22.168/30
On the VBR server I added an IP alias of: 22.214.171.124/30
Using a small network mask means that I’m only keeping the VBR and Repo server from reaching 4 IP addresses on the public Internet, which seems pretty log risk to me of causing any issues.
Obviously I have to forward ports from the Public IP to the NAT’d addresses.
Port 10001 – Endpoint to VBR Server – In my case 10001->192.168.100.12:10001
Port 2500-5000 – Endpoint to Repo Server – You don’t need the entire range, just a couple of ports per concurrent backup. I did 2500-2510->192.168.100.101:2500-2510
On the VBR server I added the repo using the IP address, 126.96.36.199. I could have also added it by name as long as it resolved to this address.
On the client side I simply made sure that it would resolve veeam01.notyourdomain.com to the public IP address.
For my test case I used a hosts file entry, but I could have also published it via DNS if I owned the domain I’m using in my lab.
That’s it, after that the Endpoint client was able to connect the the VBR server over NAT and choose the
repository. Since VBR knows the IP of the repo as the public IP, it sends that IP to the Endpoint agent
and the agent connects up just fine.