Installing Restorepoint

Download this manual as a PDF file

Restorepoint is available as a hardware appliance or a VMware virtual appliance. This section describes how to perform the initial configuration of your Restorepoint appliance and configure it to communicate with other devices on your network.

Before You Begin

Before you install your Restorepoint appliance, ensure you meet the following requirements:

  • For hardware installations, 1U of rack space available to install the appliance, with a standard 240V power socket
  • For hardware installations, allocate a port on your Ethernet switch for the appliance
  • The appliance has an allocated static IP address
  • You have configured your firewall to allow traffic between the appliance, and the network devices and servers that Restorepoint will control
  • For virtual deployments, verify that you are running VMware ESX vSphere 6.7U2 or later
  • For virtual deployments, verify your ESX host has 4 GB RAM available and the datastore where the virtual machine will be deployed has 256 GB available
  • Configure your firewall to allow outbound traffic from Restorepoint to the Internet. If you have a firewall between any of your devices and Restorepoint, you may need to open additional ports. For more information, see device-specific details in the Plugin Guide (Help > Plugin Guide).
  • Configure your mail server to allow Restorepoint to relay email

Firewall Requirements

This section lists the ports used to by clients connecting to Restorepoint and the ports used by Restorepoint to connect to network devices and other servers.

Your firewall policy might need to be modified for Restorepoint to function correctly.

Traffic from Clients to Restorepoint

The following table lists traffic from Restorepoint to network devices:

Port

Purpose

443/tcp

Restorepoint user interface

22/tcp

Restorepoint shell access

161/udp

(optional) SNMP monitoring

Traffic from Restorepoint to Network Devices

Restorepoint connects to network devices in a variety of ways, depending on the vendor. Sometimes, devices use back-connections to transfer their configuration to Restorepoint. See the device-specific details in the Plugin Guide (Help > Plugin Guide).

Other Traffic Originating from Restorepoint

The following table lists outbound firewall requirements:

Port

Purpose

443/tcp

Download updates from Restorepoint update servers, and HA database sync

53/udp

Lookup to DNS servers

25/tcp

Send notification emails using SMTP

123/udp

Time synchronization with NTP servers (optional)

22/tcp

Initiate remote support requests (jmp1.restorepoint.com and jmp2.restorepoint.com), or communicate with an Agent’s master (optional)

Browser requirements

Restorepoint requires a modern browser with JavaScript enabled. Restorepoint has been tested with the following:

  • Chrome (v35)
  • Firefox (v25)
  • Internet Explorer 10
  • Safari (v6)
  • Opera (v12.10)

Restorepoint Virtual Appliance

The Restorepoint Virtual Appliance can be downloaded as a .ZIP file from the Restorepoint website. The following steps refer to VMware ESX vSphere 6.7U2 or later:

  1. Expand the Restorepoint ZIP file in a suitable location on your PC.
  2. Launch the vSphere Client.
  3. Right-click on the desired destination in the left-hand column and choose Deploy OVF Template, select Deploy from file and browse to the OVF file inside the extracted folder.
  4. Select all the files in the folder. There should be a .mf file, an .ovf file, and 2 .vmdk files.
  5. Click Next.
  6. Click Next.
  7. Use the default name or enter a name for the virtual machine and the inventory location, then click Next.
  8. Choose the host or cluster, then click Next.
  9. Select which datastore should be used, then click Next.
  10. Choose Network Mapping, then click Next.
  11. Check the summary information, then click Finish.
  12. The virtual machine will now deploy. After completion, click Close in the completion dialog box.

IP Address Setup

To set up Restorepoint, you must configure the network parameters, which include the static IP address you have allocated to the appliance, and the DNS and gateway settings for your network. Follow these steps:

  1. Connect a monitor and keyboard to suitable ports on the rear panel of the appliance, or open the virtual machine console in the Virtual Infrastructure client.

  2. At the login prompt, typed the default user name (admin) and password (admin) for the device and then choose option 1 on the console menu:

    Image of the Interface Settings for the Restorepoint console

  1. Type the IP address, Netmask, default gateway, and primary DNS server as prompted. The DNS server must be able to resolve public names (for example, support.restorepoint.com), otherwise the appliance cannot retrieve software updates.

  2. Enter y to confirm the settings. If the settings are applied successfully, the console menu will be redisplayed. You can exit now.

You can disconnect your monitor and keyboard. To continue the initial setup, open a browser window on a network connected PC and enter the IP address you set for the appliance in the URL bar.

Alternative Method for Setting the IP Address

You can also connect to the Restorepoint appliance for initial setup over a network using the factory-configured default IP address/netmask (192.168.1.1/255.255.255.0), if these settings do not conflict with any devices already on your network. Use a browser to connect to https://192.168.1.1 and set the IP address as shown above.

If these settings are in use on your network, you may connect the device directly to a PC using an Ethernet cross-over cable. Configure your PC to use an address in the 192.168.1.2 - 254 range, then use a browser to connect to https://192.168.1.1.

Connecting to Restorepoint for the First Time

After you set the IP address for Restorepoint, use a browser on a network-connected PC to connect to the IP address and complete the initial configuration.

Restorepoint initially uses a self-signed certificate. Because of this, your web browser will warn you of an invalid (untrusted) certificate. This is normal behavior because the appliance certificate is not signed by a Trusted Certificate Authority. The session will still be encrypted. Refer to your browser instructions on how to proceed and accept the unsigned certificate. A valid (signed) certificate can be uploaded to Restorepoint after the initial configuration is completed.

To connect to Restorepoint for the first time:

  1. Log in with the default username (admin) and default password (admin).
  2. Restorepoint displays the End-User License Agreement. Read the terms of the Agreement, then click Accept to signify that you accept the Agreement. You will not be able to use Restorepoint if you do not accept the Agreement.
  3. The next Installation Wizard page appears. You can use this page to configure your network settings.
  4. Supply values in the following fields:
  • Interface. Select an interface from the drop down list.
  • Use DHCP. Select this checkbox if you want to use a DHCP server for your interface and other options will be disabled.
  • IP Address. Type your Restorepoint IP address.
  • Subnet Mask. Type your subnet mask associated with the IP address
  • Speed/Duplex. Select the link speed and duplex from the drop down list.
  • DNS Server 1. Type the DNS Server address for your network. Click Ping to check connectivity.
  • DNS Server 2. Type the second DNS Server address from your network. This field is optional. Click Ping to check connectivity.
  • Gateway. Type the default gateway for your network. Click Ping to check connectivity.
  • Domain Name. Type the default domain name.
  • Use Proxy. Select this checkbox if proxy is required for internet access.
  • NAT Address. Type the NAT address if connection is required by your firewall.
  • Additonal Static Routes. If the devices that you want to add to Restorepoint are located on different networks, you may need to define additional static routes. If required, type the network IP address and the destination gateway IP address and click Add.
  • Throttle SCP/SFTP. Select this checkbox to limit the amount of network bandwidth Restorepoint uses.
  1. Click Next and the SMTP page appears. You can use this page to configure credentials for system notifications. Supply values in the following fields:
  • Host. Type the IP address of your mail server. Click Ping to check connectivity.
  • Port. Click the arrows in the right of the field to navigate to the correct port number for your mail server. Click Test to test the connection.
  • Username. Type the username for your mail server.
  • Domain Name. Type the password for your mail server.
  • From. Type an email address to use in the "From" field for notifications.
  • To. Type a default email address to send email alerts to.
  1. Click Next and the Admin User page appears. You can use this page to configure the account for an admin level user. Supply values in the following fields:
  • Username. Type a Restorepoint username.
  • Email. Type an email for the admin user.
  • Password. Type a password for the admin user. Click Show to display the password.
  • Encryption Password. Type an encryption password for the admin user. Click Show to display the password.
  • Recovery Question. Type a recovery question to be used if the user forgets their password.
  • Recovery Answer. Type the answer to the recovery question.
  1. Click Next and the Activation page appears. You can use this page to configure contacts and other settings to activate Restorepoint. Supply values in the following fields:
  • Company Name. Type the name of the company that is using the Restorepoint system.
  • Contact Name. Type a name for a point of contact regarding the Restorepoint system.
  • Email. Type an email for a point of contact regarding the Restorepoint system.
  • Phone. Type a phone number for a point of contact regarding the Restorepoint system.
  • Address. Type an address for a point of contact regarding the Restorepoint system.
  • Reseller. Type the company name of the reseller, if applicable.
  • Activation Code. Type the activation code if you are connected to the internet.
  • Offline?. Select this checkbox if you are using Restorepoint offline.
  1. Click Finish.
  2. If you entered an activation code, you will be redirected to the Restorepoint login page once installation is complete.
  3. If you selected the Offline? checkbox, the Upload Registration File pane appears.
  4. An image of the Upload Resigstration File pane.
  5. Copy the Appliance Key provided in the pane and click the Restorepoint support link provided in the middle of the pane.
  6. On the Restorepoint Support page, paste the Appliance Key that you copied above and click Register.
  7. Restorepoint provides a file to download. Click Download.
  8. Navigate back to your Restorepoint system and drag the file to the Upload Registration File pane to upload it or click inside the pane to select the file.
  9. Click Submit and you will be redirected to the Restorepoint login page once installation is complete.

Connecting to Restorepoint After a Reboot

When Restorepoint is rebooted, it will start in a locked state. It is not able to perform any operations until the encryption password is entered, and only admin-level operators can log in to the appliance.

To enter the encryption password, use a browser to connect to the appliance and provide your administrator credentials and the encryption password:

Image of the Restorepoint login page

The appliance will then transition to the normal operation mode, and subsequent administrator logins will not require an encryption password.

Converting Restorepoint to Oracle Linux 8

Depending on the version of Restorepoint, the application runs on either CentOS or Oracle Linux 8 (OL8). Updates and releases of CentOS Linux 8 were discontinued on December 31, 2021, and will be discontinued for CentOS Linux 7 on June 30, 2024. Restorepoint has moved to make OL8 as the primary supported operating system. This topic covers how to migrate from the CentOS operating system to the OL8 operating system.

The Restorepoint release is completely independent of the SL1 platform.

Prerequisites

  • Acquire a new virtual machine or machines with Oracle Linux 8 operating system and similar or better specifications (CPU, memory, disk size) to the existing virtual machine for the primary Restorepoint appliance and all existing agents (if using agents).
  • Before migrating, make sure that you are running the latest Restorepoint version 5.6 release. You will need to upgrade Restorepoint to version 5.6 before you can convert to OL8.
  • Take a virtual machine snapshot or archive of the Restorepoint appliance in case a rollback is required. For more information about archiving, see System Archive.
  • Make sure you have the encryption password, administrator password, and serial number of the old Restorepoint appliance.

Updating a Restorepoint Appliance

The following steps are for virtual deployments only.

By default, the Restorepoint appliance checks for software and plugin updates every 24 hours and installs them automatically. The installation only occurs when there are no tasks running, so there is no service downtime. Automatic updates use an HTTPS connection to the update server at support.restorepoint.com, either direct or through a proxy.

In addition, you can force a manual update by clicking the Force Check button on the Administration > System Settings > Appliance tab.

If either or both Disable Automatic Version Upgrades and Disable Automatic Minor Updates are selected, you will need to do a force check for the update. For more information about disabling updates, see How to Disable Automatic Updates?

To force a check for an update:

  1. In the Restorepoint user interface, go to the Administration > System Settings > Appliance tab.
  2. In the Software Updates section, click Force Check. Restorepoint checks for available updates, but does not install them. If updates are available, an Update Now button appears.
  3. Click Update Now to update the appliance.

If the The appliance is not connected to the Internet option is checked, the appliance will operate in offline mode and will not attempt to contact the update server. The Force Check button changes to Manual Upgrade, which you can click to download an update package to your workstation and manually upload it to Restorepoint. For more information, see Offline Installation/Upgrade.

Upgrade Matrix and Migration Paths

First, you should create a case with Restorepoint Support for upgrade tracking so the Restorepoint Support team can set your appliance to the required version in the backend. If you are unsure about the operating system for your system, the support engineer assigned to your case will be able to clarify.

CentOS 5-based Virtual Machines

These appliances run Restorepoint version 5.3 (or earlier unsupported versions).

  1. Required: Migrate from a Restorepoint 5.3 CentOS 5 appliance to a 5.3.1 CentOS 8 appliance.
  2. After you have migrated to CentOS 8, follow the steps for CentOS 8, below.

CentOS 6-based Virtual Machines

These appliances can run Restorepoint version 5.3, 5.3.1, 5.4 or 5.5.

  1. Required: Upgrade to at least Restorepoint version 5.3.1. If required, the Restorepoint support engineer will set the appliance to version 5.3.1, and then you can run an update.
  2. After you have migrated to CentOS 8, follow the steps for CentOS 8, below.

CentOS 8-based Virtual Machines

If your system is running Restorepoint version 5.3.1:

  1. Engage with the support engineer to set the appliance to version 5.4 in the Restorepoint backend.
  2. Update to Restorepoint version 5.4.

If your system is running Restorepoint version 5.4:

  1. Engage with the support engineer to set the appliance to version 5.6.
  2. Update to Restorepoint version 5.6.

When your system is updated to Restorepoint version 5.6, a migration to an Oracle Linux Virtual Machine is recommended. This process requires you to create a new appliance, then follow the migration steps in the following procedure.

Restorepoint Appliance Migration

This section covers how to migrate your data to a new hardware or virtual appliance.

Before you Begin the Migration

  1. Install and configure the new appliance. For more information, see Installing Restorepoint.
  2. Configure the appliance IP address on your network and complete the online registration.
  3. Provide the old serial number to Support so a new activation code be generated. Using the activation code, install the new license. The activation code is single use, so once it is submitted, do not refresh the page.
  4. Make sure that both Restorepoint appliances are running the same software version.
  5. The appliances normally update themselves by connecting to the Restorepoint update servers, but you can force an update from the Administration > System Settings > Appliance tab. The same page shows the current software version and build number.

Migration Paths

There are two migration paths:

  1. Partial Migration. Migrates the device information, such as IP addresses, credentials, and so on.
  2. Full Migration. Includes all of the device backups.

Most users choose a partial migration, because it is extremely easy, and you can complete it quickly, in a few minutes. However, if you need to keep all past device backups, the only option is a full migration.

Also, only a full migration will restore the appliance SSH keys. This is an important consideration if you are using SSH Public Key Authentication (PKA ), because devices will not allow the new appliance to log in until the new appliance SSH key is authorized. Devices that perform strict SSH checks may also prevent logins, even if using SSH password authentication.

Partial Migration

This migration moves over only your device settings. Device configuration files and Restorepoint settings are not migrated.

  1. Log in to the old Restorepoint appliance and click Devices in the left-side menu.
  2. Select the check box next to the column title Name to select all devices (or select which devices to export individually).
  3. Click Exportto generate a CSV file with the device data.
  4. Log in to the new appliance, and then click Devices in the left-side menu.
  5. Click Import. A dialog appears, from which you need to choose the CSV file exported above (typically from the Downloads folder). All of the devices should appear in the list.

Full Migration

This migration uses the Restorepoint Archive feature, which exports all of the system configuration to an external server.

  1. Configure archiving on the old appliance. This should already be in place, as it is an essential disaster recovery function.
  2. Go to the Administration > System Settings > Archive page.
  3. Configure the file server to which Restorepoint uploads its archive and set up an automated disaster recovery Archive. Restorepoint supports FTP, SCP, SFTP, or Windows file servers for archiving.
  4. Create a new archive on the server by clicking Archive Now. This operation may take a long time, depending on the amount of data stored on the appliance.
  5. On the new appliance, import the archive from the server.
  6. On the Administration > System Settings > Archive page, configure archiving in the same way as the old appliance (IP address, protocol, path and credentials), and then click Restore Archive. Restorepoint displays a list of archives available on the remote server.
  7. Choose the most recent archive and click Restore.
  8. During the process, you might be prompted for the password and encryption password of the old appliance. Provide the details for the admin account. Again, this may take a long time to complete; at the end of the process, all of the Restorepoint settings (except the IP address for the appliance) and all data stored on the old appliance will be restored on to the new one.

For more information about archiving, see System Archive.

To perform migration when your environment has Agents:

  1. Deploy new agents on a new virtual machine with the Oracle Linux 8 operating system and perform the Initial Master Setup in the agent.
  2. Set the IP address of the new appliance for each agent.
  3. Restorepoint supports agent deployment within an RPM. Additionally, Restorepoint also supports communication from agent to Restorepoint appliance over a port of your choosing. The default port 22 can be changed when setting up the agent.

If you need HTTPS enabled on the new appliance, you must create a new certificate. For more information, see HTTPS Certificates.

Common Questions

Why migrate to an Oracle Linux 8 appliance?

  • Old appliances are on either CentOS 8 or CentOS 6, neither of which are supported by Red Hat any longer. Leaving the appliance on this Linux Kernel could lead to serious security issues in the future.
  • OL8 provides IPv6 support.

What downtime can I expect?

  • Usually, each update only takes a few minutes and will only proceed when no other tasks are running. If you have a busy system, you might need to pause the scheduler to process the upgrade.
  • Depending on the number of devices you have, creating or restoring an archive can take a long time. Restorepoint recommends that you allocate at least 12 hours for the migration after the pre-requisites have been gathered.

I am on version 5.4. Do I have to update to version 5.5 and then to version 5.6?

  • No. Direct update from version 5.4 latest version to version 5.6 is supported on CentOS or Oracle Linux 8 operating systems.

Will my license be migrated?

  • No. Support will generate a new activation code license based on the serial number of the new appliance. You can copy and paste the new code during the deployment of the new appliances.

Will my device certificates be migrated?

  • Yes. Device certificates will be migrated if restoring an archive on to the new appliance. (Full Migration)

I have agents on CentOS. How do I migrate them?

Will SSH keys for agents be migrated?

  • Yes. SSH keys for agent will be migrated during an archive and restore.

Will SSH host keys of the appliance be migrated?

  • Yes. SSH host keys will be migrated during an archive and restore.

I have High Availability enabled in CentOS. How do I migrate the secondary appliance?

  • To migrate a High Availability appliance set up, you must first set up the new HA cluster and then follow the full migration or partial migration steps above on the primary appliance.
  • Ensure the secondary appliance is running the identical Restorepoint and operating system version as the primary.
  • Complete the set up on the secondary appliance. For more information, see the High Availability section in the Restorepoint guide.

Will my existing users be migrated?

  • Yes. All existing local and LDAP users (and LDAP settings) will be migrated if restoring an archive onto the new appliance. (Full Migration)

Known Issues

  • Issues with Agents. This topic encompasses a wide range of problems, but usually the cause is the agents have not been migrated to Oracle like the master and there are conflicting ciphers, macs, and Kexs.
  • Domain not Found. This error message can appear when viewing a device. Follow the steps in the article to resolve the issues.
  • Converting Last Alert Policy. This is a common database issue that occurs if the customer uses the Generic Push device plugin.

If you run into any of these problems, contact a support engineer.

Rolling Back After Upgrading to Version 5.4

If you experience a major issue after upgrading to version 5.4, you can roll back to the previous version, provided that you have a working snapshot of that virtual appliance. This is why we recommend taking a snapshot of the appliance before upgrading to 5.4.

To roll back to version 5.4:

  1. Power down the current virtual appliance.
  2. Contact Restorepoint Support and let them know that you need to roll back. You will need to know the serial number of the appliance.
  3. Restorepoint Support will set the appliance back to version 5.3 on our administrator server and contact you when we are finished.
  4. After you receive confirmation from us that we have reverted your appliance back to version 5.3, you can restore the snapshot of the appliance using your hypervisor standard snapshot restore function.
  5. When the snapshot has been restored and powered on, your appliance should function as expected.