Support matrix for deploy Azure Site Recovery replication appliance - Modernized

This article describes support and requirements when deploying the replication appliance for VMware disaster recovery to Azure with Azure Site Recovery - Modernized

Note

The information in this article applies to Azure Site Recovery - Modernized. For information about configuration server requirements in Classic releases, see this article.

Note

Ensure you create a new and exclusive Recovery Services vault for setting up the ASR replication appliance. Don't use an existing vault.

You deploy an on-premises replication appliance when you use Azure Site Recovery for disaster recovery of VMware VMs or physical servers to Azure.

  • The replication appliance coordinates communications between on-premises VMware and Azure. It also manages data replication.
  • Learn more about the Azure Site Recovery replication appliance components and processes.

Pre-requisites

Hardware requirements

Component Requirement
CPU cores 8
RAM 32 GB
Number of disks 2, including the OS disk - 80 GB and a data disk - 620 GB

Software requirements

Component Requirement
Operating system Windows Server 2019
Operating system locale English (en-*)
Windows Server roles Don't enable these roles:
- Active Directory Domain Services
- Internet Information Services
- Hyper-V
Group policies Don't enable these group policies:
- Prevent access to the command prompt.
- Prevent access to registry editing tools.
- Trust logic for file attachments.
- Turn on Script Execution.
Learn more
IIS - No pre-existing default website
- No pre-existing website/application listening on port 443
- Enable anonymous authentication
- Enable FastCGI setting
FIPS (Federal Information Processing Standards) Don't enable FIPS mode

Network requirements

Component Requirement
Fully qualified domain name (FQDN) Static
Ports 443 (Control channel orchestration)
9443 (Data transport)
NIC type VMXNET3 (if the appliance is a VMware VM)
NAT Supported

Note

To support communication between source machines and replication appliance using multiple subnets, you should select FQDN as the mode of connectivity during the appliance setup. This will allow source machines to use FQDN, along with a list of IP addresses, to communicate with replication appliance.

Allow URLs

Ensure the following URLs are allowed and reachable from the Azure Site Recovery replication appliance for continuous connectivity:

URL Details
portal.azure.cn Navigate to the Azure portal.
login.chinacloudapi.cn
graph.chinacloudapi.cn
*.msftauth.net
*.msauth.net
*.microsoft.com
*.live.com
*.office.com
To sign-in to your Azure subscription.
*.partner.microsoftonline.cn Create Azure Active Directory (AD) apps for the appliance to communicate with Azure Site Recovery.
management.chinacloudapi.cn Create Microsoft Entra apps for the appliance to communicate with the Azure Site Recovery service.
*.services.visualstudio.com Upload app logs used for internal monitoring.
*.vault.azure.cn Manage secrets in the Azure Key Vault. Note: Ensure that the machines that need to be replicated have access to this URL.
aka.ms Allow access to "also known as" links. Used for Azure Site Recovery appliance updates.
download.microsoft.com/download Allow downloads from Microsoft download.
*.servicebus.chinacloudapi.cn Communication between the appliance and the Azure Site Recovery service.
*.discoverysrv.azure.cn

*.hypervrecoverymanager.azure.cn

*.backup.azure.cn
Connect to Azure Site Recovery micro-service URLs.
*.blob.core.chinacloudapi.cn Upload data to Azure storage, which is used to create target disks.
*.backup.azure.cn Protection service URL � a microservice used by Azure Site Recovery for processing & creating replicated disks in Azure.
*.prod.migration.azure.cn To discover your on-premises estate.

Folder exclusions from Antivirus program

If Antivirus Software is active on appliance

Exclude following folders from Antivirus software for smooth replication and to avoid connectivity issues.

C:\ProgramData\Azure
C:\ProgramData\ASRLogs
C:\Windows\Temp\MicrosoftAzure C:\Program Files\Azure Appliance Auto Update
C:\Program Files\Azure Appliance Configuration Manager
C:\Program Files\Azure Push Install Agent
C:\Program Files\Azure RCM Proxy Agent
C:\Program Files\Azure Recovery Services Agent
C:\Program Files\Azure Server Discovery Service
C:\Program Files\Azure Site Recovery Process Server
C:\Program Files\Azure Site Recovery Provider
C:\Program Files\Azure to on-premises Reprotect agent
C:\Program Files\Azure VMware Discovery Service
C:\Program Files\Microsoft on-premises to Azure Replication agent
E:\

If Antivirus software is active on source machine

If source machine has an Antivirus software active, installation folder should be excluded. So, exclude folder C:\Program Files (x86)\Azure Site Recovery\ for smooth replication.

Sizing and capacity

An appliance that uses an in-built process server to protect the workload can handle up to 200 virtual machines, based on the following configurations:

CPU Memory Cache disk size Data change rate Protected machines
16 vCPUs (2 sockets * 8 cores @ 2.5 GHz) 32 GB 1 TB >1 TB to 2 TB Use to replicate 151 to 200 machines.
  • You can perform discovery of all the machines in a vCenter server, using any of the replication appliances in the vault.

  • You can switch a protected machine, between different appliances in the same vault, given the selected appliance is healthy.

For detailed information about how to use multiple appliances and failover a replication appliance, see this article

Next steps

  • Learn how to set up disaster recovery of VMware VMs to Azure.
  • Learn how to deploy Azure Site Recovery replication appliance.