NetWorker: Error Appears in Administration "Message bus unable to open socket connection"

The NetWorker Management Console (NMC) server is installed on a stand-alone system separate from the NetWorker server.

The NMC monitoring window shows all policies as "Never Run" ; however, backup and clone jobs are completing as scheduled.

The following error appears in the NMC when trying to open workflow or action properties:

Message bus unable to open socket connection to host "Networkerserver_hostname" on port 5672: a socket error occurred.

Figure 1: Error Message Concerning Socket Connection

Port 5671 is listening on the NetWorker server. Port 5671 is the SSL port used by the message queue adapter process.

Linux: netstat -apno | grep 5671

Windows: netstat -ano | findstr 5671

Port 5672 is not enabled on the NetWorker server. Port 5672 is the non-SSL port used by the message queue adapter process.

The NMC server fails to connect to the NetWorker server over port 5671.

Linux: curl -v NetWorker_ServerName:5671

Windows (PowerShell): tnc NetWorker_ServerName -port 5671

Port 5671 is the SSL port used by the message queue adapter used to communicate between the NetWorker Management Console (NMC) server and NetWorker server.

This issue appears when port 5671 is blocked on the NetWorker server.

1. On the NetWorker server, create an inbound firewall rule to allow traffic for port 5671.
2. On the NMC server, create an outbound rule to allow traffic from port 5671.

See operating system vendor instructions for creating firewall rules; the system or security administrator must make these changes. Once changes are applied to the operating system firewall, confirm if port 5671 connectivity succeeds between the NetWorker server and NMC server. If the connection still fails, ensure that a network firewall is not blocking the communication.

See knowledge base article 20688: NetWorker: How to disable port 5672 for DSA-2018-120, to avoid scan software still showing the vulnerability