Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Client in DMZ - Howto revisited

2004-06-05 15:07:23
Subject: Re: Client in DMZ - Howto revisited
From: Jon LaBadie <jon AT jgcomp DOT com>
To: amanda-users AT amanda DOT org
Date: Sat, 5 Jun 2004 15:03:21 -0400 
On Sat, Jun 05, 2004 at 11:21:43AM -0700, John Bossert wrote:
> Gentlemen (and Ladies,) I'm confused.
> 
> After perusing the list archives, Googling, etc., I'm still not clear on 
>  what's necessary to establish a backup across a firewall and/or to 
> debug the process.
> 
> My firewall presently allow unfiltered egress from the Trusted segment 
> (where the server lives) to the DMZ (where the subject client lives.) 
> The literature suggests (to me) that the only communication initiated by 
> the client is UDP and can be controlled with (from my .configure):
> 
> --with-udpportrange=850,859


i've never done this and am unsure of my answer,
so i'm mailing off-list.

amanda needs some ports available for the initial contact.
these need to be in the special range below 1024 and i think
they need to be udp.

this part you have done.
(note, it must be on client and server i think)

but after the initial contact and authentication,
amanda also needs tcp ports in the non-special range.
that is where the backup travels.
so you will have to also open up those firewall ports
and configure with them.

-- 
Jon H. LaBadie                  jon AT jgcomp DOT com
 JG Computing
 4455 Province Line Road        (609) 252-0159
 Princeton, NJ  08540-4322      (609) 683-7220 (fax)
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Client in DMZ - Howto revisited, John Bossert
Next by Date:  Re: Client in DMZ - Howto revisited, Jon LaBadie
Previous by Thread:  Client in DMZ - Howto revisited, John Bossert
Next by Thread:  Re: Client in DMZ - Howto revisited, Jon LaBadie
Indexes:  [Date] [Thread] [Top] [All Lists]