First off, I'm no expert in Firewalls and DMZs, so those experts are
probably my target audience.
We're set up with our one Master/Media on the normal corporate LAN.  It
backs up a couple dozen normal clients on the LAN.
I've been asked to try to back up one of our Ebiz servers in the DMZ.

The DMZ is set up so that any communications initiated from WITHIN can pass
through the firewall.  ie: we can remote control that machine, but it can't
start communications itself.
There is also no name service between the two.  The Netbackup server can
ping the DMZ client by IP, but NOT vice versa (DMZ client can't ping
anything inside, obviously.  Pinging is intiating communication).

So, the netbackup 4.5 client software was installed on the DMZ client, but
it obviously was unable to connect to the master server we specified.

Is the only way to get this to work, is to open up a port (or two or three?)
so that the client can initiate it's communication back to the server?  I'd
understand if that were necessary, but it seems to me that when the
NetBackup server starts a backup job, it initiates the communication.
("Hey! Client!  Send your data to me!")

Everything is Windows 2000 & NB 4.5

Thanks for any help,

Jesse Gardner