On Mon, 22 Sep 2003 15:23:14 -0400, Neild, Jim <Jim.Neild AT SSHA.ON DOT CA> 
wrote:

>I have a NetWorker server running in VLAN 1 which is protected by a
>firewall and I want to have a Storage Node sitting in VLAN 2, also
>behind a firewall.  The Storage Node will backup servers that are on the
>VLAN 2 only and will send metadata (indexes, etc.) through the firewalls
>to the NetWorker server in VLAN 1.
>
>I have read the section on firewalls in the doco and it all appears as
>though it assumes that the communication through the firewall will be
>between client and Storage Node, not Storage Node and NetWorker Server.
>
>Has anyone built this configuration and what ports did you have to open?
>What formula did you use to figure out the required range?  Did you use
>any of the sections of the NW Admin guide?
>
Have just been testing this, it appears just to use the low port range 7937-
9936 but I have not monitored it closely as the firewall rules for legato
clients were fairly open and I just reused them. The only problem was the
firewall idle timeout once an idle connection is timed out it appears that
restarting networker server is need to reconnect - I used the hack on the
tcp keep alive timer to maintain the connections. Filesystem and Oracle
backups and restores both worked.

--
Note: To sign off this list, send a "signoff networker" command via email
to listserv AT listmail.temple DOT edu or visit the list's Web site at
http://listmail.temple.edu/archives/networker.html where you can
also view and post messages to the list.
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=