Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Cygwin amanda client behind firewall

2006-07-12 17:06:58
Subject: RE: Cygwin amanda client behind firewall
From: "McGraw, Robert P." <rmcgraw AT purdue DOT edu>
To: "Paul Bijnens" <paul.bijnens AT xplanation DOT com>
Date: Wed, 12 Jul 2006 16:59:32 -0400 



> -----Original Message-----
> From: Paul Bijnens [mailto:paul.bijnens AT xplanation DOT com]
> Sent: Wednesday, July 12, 2006 4:37 PM
> To: McGraw, Robert P.
> Cc: amanda-users AT amanda DOT org
> Subject: Re: Cygwin amanda client behind firewall
> 
> 
> McGraw, Robert P. schreef:
> > My question is, is the 0.0.0.0 ip address something that I should have
> to
> > enter into a firewall configuration to get traffic to pass through?
> >
> > The IP 0.0.0.0 seems to be blocked my firewall that I am using?
> 
> The 0.0.0.0 means the program is acting as a "server".  I remember
> vaguely from some old ZoneAlarm program that you have to add that
> priviledge to a program.
[McGraw, Robert P.] 

Actually the cygwin client that is protected by ZoneAlarm firewall is
working. I had to add the 0.0.0.0 as a trusted IP in the ZoneAlarm file. 

I was using this client to test the amanda cygwin build as this was my first
attempt.

> 
> Anyway, is there any clue in the /tmp/amanda directory on the client?
> There should be a file named selfcheck.datetime.debug.  Contents?
[McGraw, Robert P.] 

The client that I really need to backup, is behind a Sonicwall firewall. 

To test that I can contact the 10080 port I use the netcat (nc) program. 

The host coriolis is the test cygwin client which is behind the ZoneAlarm
firewall.

        ##R##-zorn->[46] ##> ./nc -z -v -u coriolis 10080

        coriolis.xxx.yyy.edu [128.210.n.nnn] 10080 (amanda) open

The host mailrelay is the host behind the Sonicwall firewall. I have opened
up the firewall to allow the amanda server through for any service.
 
##R##-zorn->[47] ##> ./nc -z -v -u mailrelay 10080

        mailrelay.xxx.yyy.edu [128.210.n.nnn] 10080 (amanda) open

They both show that the Amanda server can contact both clients on 10080 UDP
port.

The following is my amcheck for each client 

zorn->[42] > ./amcheck -c daily coriolis

Amanda Backup Client Hosts Check
--------------------------------
Client check: 1 host checked in 1.443 seconds, 0 problems found

(brought to you by Amanda 2.4.5p1)
 

zorn->[43] > ./amcheck -c daily mailrelay

Amanda Backup Client Hosts Check
--------------------------------
WARNING: mailrelay: selfcheck request timed out.  Host down?
Client check: 1 host checked in 30.025 seconds, 1 problem found

(brought to you by Amanda 2.4.5p1)



> 
> 
> >
> > On both firewalls I have my amanda server IP address set in the firewall
> to
> > allow any type traffice through. Should this be enough?
> 
> Remember that you also have to configure the intermediate firewall
> Amcheck uses only UDP 10080, but a real run uses more TCP ports, which
> amcheck currently does not test.
> 
> See:  http://wiki.zmanda.com/index.php/Configuration_with_iptables
> and:  http://wiki.zmanda.com/index.php/TCP/UDP_ports
[McGraw, Robert P.] 

I have a call into Sonicwall support but when I called them yesterday they
were not familiar with the 0.0.0.0 IP.

 
> 
> 
> --
> Paul Bijnens, Xplanation                            Tel  +32 16 397.511
> Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM    Fax  +32 16 397.512
> http://www.xplanation.com/          email:  Paul.Bijnens AT xplanation DOT com

[McGraw, Robert P.] 
Thanks again for your help.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Cygwin amanda client behind firewall, Paul Bijnens
Next by Date:  Re: amrecover "Tape is not a dump tape" but amrestore works?, Jon LaBadie
Previous by Thread:  Re: Cygwin amanda client behind firewall, Paul Bijnens
Next by Thread:  Perhaps an Amanda changer support problem?, irene
Indexes:  [Date] [Thread] [Top] [All Lists]