Veeam - Cloud Connect jobs fail with "Authentication failed because the remote party has closed the transport stream" error
Challenge
After upgrade of Veeam Backup & Replication on the Veeam Cloud Connect service provider's backup server to version 10, tenant jobs may start failing with the following error: "Authentication failed because the remote party has closed the transport stream". At the same time, the Svc.VeeamCloudConnect.log log file displays the following error: "A call to SSPI failed, see inner exception".The issue can be spotted in the following logs:
Job.log (on the tenant side)
Job.log (on the tenant side)
[15.06.2020 11:00:00] <01> Error Authentication failed because the remote party has closed the transport stream. (System.IO.IOException) [15.06.2020 11:00:00] <01> Error at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) ... [15.06.2020 11:00:00] <01> Error at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) [15.06.2020 11:00:00] <01> Error at Veeam.Backup.Core.CSocketInvokerClient.InvokeImpl(TcpClient client, CSocketInvokerParams args, Int32 threadId) [15.06.2020 11:00:00] <01> Error at Veeam.Backup.Core.CSocketInvokerClient.TryInvoke(CSocketInvokerParams invokerParams)
Cause
Windows updates related to a new .Net Framework enforce a security check and do not allow to establish a secure connection between Veeam backup servers on the tenant side and service provider side using a weak Diffie-Hellman Ephemeral (DHE) key.
Solution
Install recommended Windows updates on the tenant Veeam Backup & Replication server or Veeam Agent for Microsoft Windows machines. For details, see https://support.microsoft.com/en-us/help/3061518/ms15-055-vulnerability-in-schannel-could-allow-information-disclosure.
Related Articles
Veeam - An existing connection was forcibly closed by the remote host Failed to upload disk. Agent failed to process method {DataTransfer.SyncDisk}.
Safe DR Challange Backup fails with the following error: Error: write: An existing connection was forcibly closed by the remote host Failed to upload disk. Agent failed to process method {DataTransfer.SyncDisk}. What This Means The last backup job ...Veeam - Task Failed Unexpectedly
Safe DR Challenge Backup fails with the following error: Error Task failed Unexpectedly What This Means The job was terminated suddenly, resulting in an incomplete backup and restore point. Possible Causes Host rebooted during the backup, resulting ...Veeam - Setting up Cloud Copy
Safe DR Please follow the below steps when setting up cloud copy to our offsite repository. Prior to doing this you will need to set Safe Data Storage as your service provider, a link to doing that can be found here. Open up your Veeam Backup and ...Veeam - WAN Accelerator Fails to Install
Challenge Error message “Installing package VeeamWANSvc_x64.msi Error: Error 1920. Service Veeam WAN Accelerator Service (VeeamWANSvc) failed to start. Verify that you have sufficient privileges to start system services.” appears when trying to add a ...Veeam - Add Safe Data Storage as a service provider
You need to follow the below steps to connect your instance of Veeam Backup and Replication to Safe Data Storage as your Veeam Cloud Connect Service Provider. Open your Veeam Backup and Replication Client and navigate to "Backup Infrastructure", ...