Skip to main content
Druva Documentation

File Level Restore (FLR) fails on VMware Cloud on AWS (VMC) with error failed to establish a new connection

 

Problem description

File Level Restore (FLR) on the original virtual machine or on an alternate virtual machine fails with the following error:

Failed to establish a new connection.

Cause

This error occurs if connectivity to ESXi from the backup proxy is not established and the required firewall rules are not created in the VMC.

Traceback

  1. Download the job logs. For more information, see Logs.
  2. Extract the logs and navigate to file Phoenix-Flr-<YYYY/MM/DD>-<timestamp>-<jobid>.log and search for the following traceback in the logs:

    [2020-03-31 15:21:59,420] [ERROR] Error <class 'requests.exceptions.ConnectionError'>:HTTPSConnectionPool(host='10.3.2.8', port=443): Max retries exceeded with url: /guestFile?id=716&token=52821898-a9ac-b001-08eb-5e03906c33f1716 (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f4cb602c050>: Failed to establish a new connection: [Errno 110] Connection timed out',)). Traceback -Traceback (most recent call last):

    File "agents/flr/flrRestore.py", line 781, in copyFile
    File "requests/api.py", line 131, in put
    File "requests/api.py", line 60, in request
    File "requests/sessions.py", line 533, in request
    File "requests/sessions.py", line 646, in send
    File "requests/adapters.py", line 516, in send

    ConnectionError: HTTPSConnectionPool(host='10.3.2.8', port=443): Max retries exceeded with url: /guestFile?id=716&token=52821898-a9ac-b001-08eb-5e03906c33f1716 (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7f4cb602c050>: Failed to establish a new connection: [Errno 110] Connection timed out',))

Resolution

Create a firewall rule using the following steps:

  1. Login to the VMC console https://vmc.vmware.com.

  2. From the landing page select the required Software-Defined Data Centers (SDDC).

  3. Click on the Networking & Security tab. 

  4. In the Security section click on Gateway Firewall.

  5. In the Management Gateway click on Add New Rule.
    image002.jpg

  6. Enter a Name. Example : esxaccess-Druva

  7. In the Source field, click on Set Source and select User Defined Group.

    1. Click on Create New Group

    2. Enter a Name. Example: Druva-Backup-Proxy.

    3. The Member Type field is set to IP Address.

    4. In the Members field enter the IP address of the backup proxy.

    5. Click Save.
      image004.jpg

  8. In the Destination field click Set Destination.

    1.  Choose System Defined Groups and select ESXi

    2. Click Save.

      image006.jpg
  9. In the Services field select the services.
    image001.png

  10. Click Publish.

Verification

After the firewall rules are applied, attempt the restore again.