Job Writing to Cloud Connect Repository Fails with: "Target gate has rejected connection. Connection target is not recognized. No rule exists."

KB ID: 4314
Product: Veeam Cloud Connect | 10 | 11
Published: 2022-05-31
Last Modified: 2022-07-11
Get weekly article updates
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

error icon

Oops! Something went wrong.

Please try again later.

Challenge

Some Veeam Cloud Service Providers may observe that their tenant's jobs intermittently fail with either of the following errors:
Error Cloud gate has rejected connection. Reason: Connection target is not recognized. No rule exists.. (System.Exception)
Error Connection target is not recognized. No rule exists. (Veeam.Backup.Common.CCloudGateNoRuleException)
This issue can occur seemingly at random, with no pattern of which jobs, tasks, or tenants are affected.

Causes & Solutions

Scenario 1: External Load Balancer or DNS Round-Robin

An external load balancer or DNS Round-Robin has been configured between the tenant's environment and the Cloud Connect Provider's Cloud Gateways, which causes traffic to be sent to a Cloud Gateway other than the one assigned to the tenant's task.

As each task begins on the tenant's side of the connection, the Cloud Connect server creates a dedicated traffic forwarding rule for the backup traffic. This traffic rule is based on Veeam Cloud Connects internal load-balancer selecting the Cloud Gateway server with the least amount of tasks already assigned. Once the traffic rule is created, that tenant's backup activity is expected to use the designated Cloud Gateway and is not allowed to use any gateways where this rule does not exist.

An external load balancer or DNS Round-Robin breaks this logic and may cause tenant traffic bound to a specific forwarding rule to be sent to a different Cloud Gateway, resulting in the error mentioned above. 


Here is an example of how that incorrect configuration will appear within the view in the Veeam Cloud Connect Console:

Incorrect Configuration
Veeam Log Examples

Log from tenant side
%programdata%\Veeam\backup\BackupJob\Job.*.log

Info [CloudGateSvc] Checking gates availability for provider 'vcc.cloudprovider.com', gates to check are: [IP: vcc.cloudprovider.com , port:6180],[IP: vcc.cloudprovider.com , port:6180]

Logging in Service Provide environment
%programdata%\Veeam\backup\CloudConnectService\Tenant\Auxiliary_session\Session.log

Info [CloudForwarding] Found following gates for tenant: Tenant, preferred gates: [IP: vcc.cloudprovider.com , port:6180];[IP: vcc.cloudprovider.com , port:6180], failover gates:

To prevent the issue, Veeam Cloud Service Providers should avoid external load balancing for Cloud Gateway traffic.

Here is an example of a correctly configured set of Cloud Gateway servers, each with their own distinct DNS and IP address.

Corrected Configuration

Scenario 2: Cloud Gateways Have Duplicate BIOS UUIDs


Managed Servers are tracked by Veeam Backup & Replication using their unique BIOS UUID. The BIOS UUID is a globally unique identification number that is tied to the hardware, phsyical or virtual. Having identical BIOS UUID for several machines in the same environment is an abnormal situation and can affect both Veeam and other applications in unexpected ways. In virtual environments, this situation can happen if virtual machines were deployed from the same template or were cloned in some other way.

To check the BIOS UUID of a Cloud Gateway, run the following command in an Administrative PowerShell window:

(get-wmiobject Win32_ComputerSystemProduct).uuid

Each Cloud Gateway server should have a unique BIOS UUID. To change the BIOS UUID for the affected machines, follow guidelines from the virtualization environment vendor.

For phsyical server's with duplicate UUID issues, please contact the hardware vendor.

 

If a Cloud Gateway's BIOS UUID was change, do the following to update the Veeam Cloud Connect database:

  1. Reboot the Cloud Gateway server
  2. Within the Veeam Cloud Connect Console, navigate to Backup infrastructure -> Managed Windows Servers
  3. Right-Click on the Server's entry, select Properties
  4. Click Next, Next, Apply, Next, Finish through each of the Edit Windows Server wizard's pages.
If the gateway configuration is correct, and the error "Connection target is not recognized. No rule exists." continues to occur, please collect logs and open a support case.

More information

  • For high availability reasons, Veeam Cloud Service Providers can use DNS Round-Robin and external load balancers only for the name of the Service Provider when adding it to a tenant VBR server:
    https://helpcenter.veeam.com/docs/backup/cloud/cloud_connect_sp_settings.html

    Cloud Gateway Configuration example from VCC Best Practice Resource: Load Balancers
  • Please keep in mind that Veeam has its own HA logic and keeps the names of all available Cloud Gateway Servers obtained from SP during a previous rescan or job run. This allows the tenant VBR server to automatically failover to the next gateway if some gateways are offline.
Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please try again later.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case

By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Verify your email to continue your product download
We've sent a verification code to:
  • Incorrect verification code. Please try again.
An email with a verification code was just sent to
Didn't receive the code? Click to resend in sec
Didn't receive the code? Click to resend
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

error icon

Oops! Something went wrong.

Please try again later.