Re: ADSM through a firewall
1997-10-13 11:51:58
Thank you for the reply.
Bill Anderson
Allina Health System
Minneapolis, MN
banderson AT allina DOT com
Jorgensen, John wrote:
> Bill,
>
> We use an ANS InterLock firewall and back up a couple Windows/NT hosts
> that are on the Internet. We do this automatically with the scheculer.
> To do this:
>
> 1.) Set up a TCP forwarder to forward packets on port 1500 to your ADSM
> server which is presumably on the private side.
> 2.) When you configure you ADSM client on the machine to be backed up
> (DSM.OPT file) point it at the public side IP address of your firewall
> instead of
> the ADSM server.
> 3.) Add rules to firewall to permit port 1500 to go only for the
> selected
> machines on the public side.
>
> Hope this works for you.
>
> John A. Jorgensen
> Caliber Technology, Inc. (330) 384-9000 Ext 3848
> 557 E Tallmadge Ave. FAX (330) 258-6066
> Akron, Ohio 44310
>
> >----------
> >From: Bill Anderson[SMTP:banderson AT ALLINA DOT COM]
> >Sent: Wednesday, October 08, 1997 1:45 PM
> >To: ADSM-L AT VM.MARIST DOT EDU
> >Subject: ADSM through a firewall
> >
> >I apologize if this question has been asked before but I am new to the
> >list.
> >
> >We use Raptor's Eagle firewall. We have RS/6000s on our "DMZ" and we
> >have a need to back them up via ADSM. Our ADSM servers reside on our
> >corporate network which connects to the firewall for Internet and
> >business partner access. The diagram below describes our situation:
> >
> > Internet
> > |
> > DMZ - - Firewall
> > |
> > Corporate Network
> >
> >When we initiate a backup of an RS/6000 on the DMZ from the ADSM server
> >on our corporate network, a Sniffer trace shows that ADSM is attempting
> >to talk directly to our firewall and not to the RS/6000 we are trying to
> >back up. When I use a VPN type (packet filtering) connection through
> >our firewall to the DMZ, backups work fine. However, when I try to use
> >a generic service passer on the firewall (application proxies at ports
> >1500 and 1501), I get the error mentioned above (attempting to talk
> >directly to the firewall).
> >
> >Has anyone else had this problem? If so, is there a solution that allows
> >ADSM to work via an application proxy on a firewall?
> >
> >Thanks.
> >
> >Bill Anderson
> >Allina Health System
> >banderson AT allina DOT com
> >
|
|
|