Job Writing to Cloud Connect Repository Fails with: "Target gate has rejected connection. Connection target is not recognized. No rule exists."
Challenge
Causes & Solutions
Scenario 1: External Load Balancer or DNS Round-Robin
An external load balancer or DNS Round-Robin has been configured between the tenant's environment and the Cloud Connect Provider's Cloud Gateways, which causes traffic to be sent to a Cloud Gateway other than the one assigned to the tenant's task.
As each task begins on the tenant's side of the connection, the Cloud Connect server creates a dedicated traffic forwarding rule for the backup traffic. This traffic rule is based on Veeam Cloud Connects internal load-balancer selecting the Cloud Gateway server with the least amount of tasks already assigned. Once the traffic rule is created, that tenant's backup activity is expected to use the designated Cloud Gateway and is not allowed to use any gateways where this rule does not exist.
An external load balancer or DNS Round-Robin breaks this logic and may cause tenant traffic bound to a specific forwarding rule to be sent to a different Cloud Gateway, resulting in the error mentioned above.
Here is an example of how that incorrect configuration will appear within the view in the Veeam Cloud Connect Console:
To prevent the issue, Veeam Cloud Service Providers should avoid external load balancing for Cloud Gateway traffic.
Here is an example of a correctly configured set of Cloud Gateway servers, each with their own distinct DNS and IP address.
Scenario 2: Cloud Gateways Have Duplicate BIOS UUIDs
Managed Servers are tracked by Veeam Backup & Replication using their unique BIOS UUID. The BIOS UUID is a globally unique identification number that is tied to the hardware, phsyical or virtual. Having identical BIOS UUID for several machines in the same environment is an abnormal situation and can affect both Veeam and other applications in unexpected ways. In virtual environments, this situation can happen if virtual machines were deployed from the same template or were cloned in some other way.
To check the BIOS UUID of a Cloud Gateway, run the following command in an Administrative PowerShell window:
Each Cloud Gateway server should have a unique BIOS UUID. To change the BIOS UUID for the affected machines, follow guidelines from the virtualization environment vendor.
For phsyical server's with duplicate UUID issues, please contact the hardware vendor.
If a Cloud Gateway's BIOS UUID was change, do the following to update the Veeam Cloud Connect database:
- Reboot the Cloud Gateway server
- Within the Veeam Cloud Connect Console, navigate to Backup infrastructure -> Managed Windows Servers
- Right-Click on the Server's entry, select Properties
- Click Next, Next, Apply, Next, Finish through each of the Edit Windows Server wizard's pages.
More information
- For high availability reasons, Veeam Cloud Service Providers can use DNS Round-Robin and external load balancers only for the name of the Service Provider when adding it to a tenant VBR server:
https://helpcenter.veeam.com/docs/backup/cloud/cloud_connect_sp_settings.html
Cloud Gateway Configuration example from VCC Best Practice Resource: Load Balancers - Please keep in mind that Veeam has its own HA logic and keeps the names of all available Cloud Gateway Servers obtained from SP during a previous rescan or job run. This allows the tenant VBR server to automatically failover to the next gateway if some gateways are offline.
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.
Spelling error in text
Thank you!
Your feedback has been received and will be reviewed.
KB Feedback/Suggestion
This form is only for KB Feedback/Suggestions, if you need help with the software open a support case
Thank you!
Your feedback has been received and will be reviewed.