Duplicati with Backblaze B2 in DMZ protected by OPNsense firewall

Hi there,
I’m a long time user of Duplicati (coming from Crashplan…).
I just changed my set-up and installed an OPNsense firewall, with the Duplicati client running on a machine in the DMZ.
I can access from my LAN the Duplicati interface (port 8200) without any issue, however, the backup doesn’t seem to work correctly. I suspect a connection error because I don’t know what port to open on my WAN firewall connection to Backblaze. I thought port 443 was used, apparently not (or I configured it badly).
Please let me know what port is used between Backblaze and the Duplicati client.
Many thanks

I believe 443 is correct. Did you also enable DNS traffic? Duplicati will need to be able to resolve B2 hostnames.

Many thanks. Yes, DNS is enabled and works. I believe I have an issue with port 443. It is enabled but I must have missed something. Trying to find… with no luck to date

Resolved.
For the ones that have this issue in the future, in OPNsense (i.e. same as pfSense), I:

  • created a NAT for my LAN to access over TCP 8200 the IP address of the VM serving the interface of Duplicati (that is hosted in my DMZ)
  • created a firewall rule on the LAN interface, for the LAN net to access the DMZ net over TCP 8200
  • for the data to be backed up to Backblaze, I created a firewall rule on the DMZ interface from DMZ net to WAN address for port TCP 443 (https)

That’s all folks!
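
A way to check DNS and the DMZ-to-WAN TCP 443 rule from the Duplicati machine itself, as an added example that is not part of the original posts: the Python script below separates a DNS failure from a silently dropped connection (timeout) and an actively rejected one (refused). The function name `check_egress` and the default hostname `api.backblazeb2.com` are assumptions; pass the endpoint your backup job actually uses.

```python
import socket
import sys


def check_egress(host, port=443, timeout=5.0):
    """Classify one outbound TCP attempt.

    Returns 'dns_failed', 'timeout', 'refused', 'unreachable' or 'open'.
    'timeout' usually means a firewall dropped the SYN without answering;
    'refused' means something answered with a reset (reject rule or closed port).
    """
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        # Name resolution did not work: check the DNS rule before the 443 rule.
        return "dns_failed"

    result = "unreachable"
    for family, socktype, proto, _canon, addr in infos:
        sock = socket.socket(family, socktype, proto)
        sock.settimeout(timeout)
        try:
            sock.connect(addr)
            return "open"
        except socket.timeout:
            result = "timeout"
        except ConnectionRefusedError:
            result = "refused"
        except OSError:
            # No route, network down, address family not usable, etc.
            result = "unreachable"
        finally:
            sock.close()
    return result


if __name__ == "__main__":
    # Assumed default endpoint; override on the command line.
    targets = sys.argv[1:] or ["api.backblazeb2.com"]
    for target in targets:
        print(f"{target}:443 -> {check_egress(target)}")
```

Run it on the DMZ host before and after adding the rule: a change from `timeout` to `open` shows the rule is the one passing the traffic.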