Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] Firewall woes

2009-06-15 07:15:18
Subject: Re: [Bacula-users] Firewall woes
From: Kevin Keane <subscription AT kkeane DOT com>
Date: Mon, 15 Jun 2009 04:10:28 -0700 
First of all, temporarily turn off iptables on the Storage Daemon 
machine and see if that allows you to connect. That way, you don't have 
to guess on WHICH firewall is the problem.

If this allows you to connect, you would need to (on the SD machine) 
ACCEPT connections on port 9103 from 192.168.2.146.

Ken Barclay wrote:
> Well, I added state ESTABLISHED and RELATED to the iptables on both the
> Director and Client Servers, restarted iptables and manually started the
> backup job.  This is the reply:
>
> *messages
> 15-Jun 09:07 submail-fd JobId 8425: Warning: bsock.c:123 Could not connect
> to Storage daemon on 192.168.2.146:9103. ERR=Connection timed out
> Retrying ...
>
> (Yes, the Storage daemon is running)
>
> Next, I added Client Connect Wait = 1800 to the StorageDaemon config, but
> still got the same error message as above.
>
> Then, in /etc/hosts of the Director, I hashed out 127.0.0.1, leaving only
> the 'real' ip address of the director.  But still got the same error.
>
> Finally, I disabled iptables on the Client and the back up completed
> without a problem.
>
> Any ideas?
>
> Ken
>
>   
>> -----Original Message-----
>> From: Marc Schiffbauer [mailto:marc AT schiffbauer DOT net]
>> Sent: Friday, 12 June 2009 7:56 PM
>> To: bacula-users AT lists.sourceforge DOT net
>> Subject: Re: [Bacula-users] Firewall woes
>>
>> * Ken Barclay schrieb am 12.06.09 um 11:56 Uhr:
>>     
>>> Don't you just love firewalls!
>>>
>>>
>>>
>>> Today received this error on a newly installed client -
>>>
>>>
>>>
>>> 12-Jun 16:27 KenTest-dir JobId 8309: Fatal error: Unable to
>>>       
>> authenticate
>>     
>>> with File daemon at "192.168.2.130:9102". Possible causes:blah,etc
>>>
>>>
>>>
>>>
>>>
>>> On this client the iptable entry reads as follows:      1    ACCEPT
>>> tcp  --  192.168.2.146        0.0.0.0/0           tcp dpt:9102 state
>>>       
>> NEW
>>
>>
>> You need state ESTABLISHED and RELATED for the other direction, not?
>>
>>
>>     
>>>
>>> On the director the iptable entry reads:     11   ACCEPT     tcp  --
>>> 0.0.0.0/0            0.0.0.0/0           tcp dpts:9101:9103 state NEW
>>>       
>> same here.
>>
>> -Marc
>>     

-- 
Kevin Keane
Owner
The NetTech
Find the Uncommon: Expert Solutions for a Network You Never Have to Think About

Office: 866-642-7116
http://www.4nettech.com

This e-mail and attachments, if any, may contain confidential and/or 
proprietary information. Please be advised that the unauthorized use or 
disclosure of the information is strictly prohibited. The information herein is 
intended only for use by the intended recipient(s) named above. If you have 
received this transmission in error, please notify the sender immediately and 
permanently delete the e-mail and any copies, printouts or attachments thereof.


------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing 
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] PowerVault 114T and bacula, Walter den Besten
Next by Date:  [Bacula-users] Does the Qualstar RLS-4221 works with BACULA, Julien Logel
Previous by Thread:  Re: [Bacula-users] Firewall woes, Ken Barclay
Next by Thread:  Re: [Bacula-users] Firewall woes, Josh Fisher
Indexes:  [Date] [Thread] [Top] [All Lists]