5 1 0:Backup in Different Networks

From SEPsesam

Welcome to the latest SEP sesam documentation version 5.1.0 Apollon. For previous documentation version(s), check documentation archive.


This article describes how to configure backup clients in different network segments by using a backup LAN. To be able to perform a backup in different networks, you have to configure network settings, hosts and interfaces.

Configuration example

In our example, the network consists of multiple segments: : Network for regular service traffic (user LAN)   : Network for backup related tasks (backup LAN)

The following example shows how to perform a backup using the dedicated backup network

Step 1: Network configuration

Make sure that the SEP sesam Server and all servers which should be backed up via the separate backup LAN have a network card in both network segments. Make sure that a TCP connection between hosts works properly. In this example, the backup server is a Linux system and has multiple network cards:


Step 2: Name resolution/hosts file configuration on the backup server

For both network segments ( and the SEP sesam Server should have a proper DNS entry. SEP strongly recommends to use a central DNS (Domain Name System) server. For details on DNS name resolution, see How to check DNS configuration.

If your environment does not have a DNS server, you have to configure the hosts files on all systems for a working name resolution.

Configure the hostnames in the system's hosts file to make them available via a DNS name. The location of the hosts file depends on the operating system:

On Linux


On Windows


Open the hosts file in your text editor and add an entry.

# SEP sesam Server main IP, licensed IP and name  backup-server.mydomain.com        backup-server
# SEP sesam device server IP for data transfer over a separated LAN    backup-server-172.mydomain.com    backup-server-172

# all clients that should be backed up   client01.mydomain.com             client01   client02.mydomain.com             client02

The first entry must match the server name as specified in the SEP sesam license.

Step 3: Hosts configuration on the clients

This step is only required if you do not have a central DNS server.

The backup client client02 should be backed up using the network In this case, the control communication will take place over the network, the data transfer will run over and a hosts file on the client have to include:

# my client IP and name     client02.mydomain.com             client02
# name <-> IP resolution for control communication   backup-server.mydomain.com        backup-server
# name <-> IP resolution for data transfer    backup-server-172.mydomain.com    backup-server-172

Step 4: Control configuration on the clients

During the Windows client software installation, the SEP sesam Server is added to the allowed hosts to communicate with the client (via SMSSH and CTRL). In case of a Linux client, you have already executed the command /opt/sesam/bin/sesam/sm_setup set_client <name of backup server>.

In both cases the SEP sesam Server is added in the CTRL file <sesam_var_dir>/var/ini/sm_ctrld.auth on the client and the SEP sesam Server public SSH key is inserted in the <sesam_var_dir>/var/ini/sm_ssh/authorized_keys file on the client.

You have to add the second name of the SEP sesam Server to the client authentication possibilities by specifying the following command (for Windows and Linux):

/opt/sesam/bin/sesam/sm_setup set_client backup-server-172.mydomain.com
c:\program files\SEPsesam\bin\sesam\sm_setup set_client backup-server-172.mydomain.com

Step 5: Interfaces configuration

With working DNS name resolution or after configuring the hosts files, switch to the SEP sesam GUI -> Components -> Clients and double-click the SEP sesam server (backup server) to open its properties.

In the Interfaces field, check/add both hostnames. Add the hostnames multiple times with the different prefixes and suffixes for the different SEP sesam data transfer modes (ftp,http,https). SEP recommends to use always the fully qualified domain name (FQDN) for the interfaces.

In our example, these are:


Then configure your backup as described in Standard Backup Procedure. You can either schedule your backup or start it immediately, but make sure that you select the relevant interface from the drop-down list.

In our example, the selected interface is http://backup-server-172.mydomain.com:11000. This means that the backup server will connect to the client via the network and the data transfer will take place over the network. So there is no impact to the user LAN during the backup.

See also

Client propertiesStandard Backup Procedure

Copyright © SEP AG 1999-2024. All rights reserved.
Any form of reproduction of the contents or parts of this manual is allowed only with the express written permission from SEP AG. When compiling and designing user documentation SEP AG uses great diligence and attempts to deliver accurate and correct information. However, SEP AG cannot issue a guarantee for the contents of this manual.