Thanks again for everyone's help. I *think* I'm getting there, but alas, I
am not there yet.
I've got full logging on all over the place. Through this, I think I've
been able to determine that:
bpcd is seeing the server-initiated backup request as coming from the
firewall. When it checks its list of servers, it didn't find a match, so it
said "this isn't a server. Abort."
So, on a whim, I made a hosts file entry for the firewall, named "FIREWALL",
go figure. I put FIREWALL in the list of servers for that client, but did
not make it "Current". This seemed to get me a little further. Here's the
bpcd log on the client as of now (with IP address censored):

16:10:17.662 [1420.1656] <2> bpcd peer_hostname: Connection from host FIREWALL (xxx.xxx.xxx.xxx) port 876
16:10:17.662 [1420.1656] <2> bpcd valid_server: comparing nawrcs-bbbkup02 and FIREWALL
16:10:17.662 [1420.1656] <2> bpcd valid_server: comparing nawrcs-bbbkup02.na.corp.storaenso.com and FIREWALL
16:10:17.662 [1420.1656] <2> bpcd valid_server: comparing FIREWALL and FIREWALL
16:10:17.662 [1420.1656] <4> bpcd valid_server: hostname comparison succeeded
16:10:17.662 [1420.1656] <2> bpcd main: output socket port number = 13782
16:12:08.100 [1420.1656] <16> get_vnetd_socket: vnet_end_connect_back failed: 10
16:12:08.100 [1420.1656] <16> bpcd main: get_vnetd_socket failed: 25

Current Environment: From the internal LAN to the DMZ, we've got all ports
open. From the DMZ to the LAN, we now have bpcd, bprd, and vnetd ports
open.
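
As an added example (not part of the original post, and not NetBackup code), this Python script parses the bpcd lines quoted above and reports the peer, the server-list entries tried, whether the accepted match came from an entry outside the expected backup servers, and the stall before the failures. The names `analyze` and `EXPECTED_SERVERS`, and the rule that the last compared entry is the one that matched, are assumptions made for illustration.

```python
import re
from datetime import datetime

# bpcd log lines from the post above, with the mail-wrapped lines rejoined.
SAMPLE_LOG = """\
16:10:17.662 [1420.1656] <2> bpcd peer_hostname: Connection from host FIREWALL (xxx.xxx.xxx.xxx) port 876
16:10:17.662 [1420.1656] <2> bpcd valid_server: comparing nawrcs-bbbkup02 and FIREWALL
16:10:17.662 [1420.1656] <2> bpcd valid_server: comparing nawrcs-bbbkup02.na.corp.storaenso.com and FIREWALL
16:10:17.662 [1420.1656] <2> bpcd valid_server: comparing FIREWALL and FIREWALL
16:10:17.662 [1420.1656] <4> bpcd valid_server: hostname comparison succeeded
16:10:17.662 [1420.1656] <2> bpcd main: output socket port number = 13782
16:12:08.100 [1420.1656] <16> get_vnetd_socket: vnet_end_connect_back failed: 10
16:12:08.100 [1420.1656] <16> bpcd main: get_vnetd_socket failed: 25
"""
# Assumption: the real backup servers are the two non-FIREWALL names bpcd compared.
EXPECTED_SERVERS = {"nawrcs-bbbkup02", "nawrcs-bbbkup02.na.corp.storaenso.com"}

LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{3}) \[\d+\.\d+\] <(\d+)> (.*)$")
PEER = re.compile(r"peer_hostname: Connection from host (\S+) \(([^)]*)\) port (\d+)")
CMP = re.compile(r"valid_server: comparing (\S+) and (\S+)")

def analyze(log_text, expected_servers):
    """Summarise one bpcd connection attempt from its log lines."""
    r = {"peer": None, "tried": [], "accepted": False, "matched": None,
         "unexpected_match": False, "errors": [], "stall_seconds": 0.0}
    expected = {name.lower() for name in expected_servers}
    prev = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts = datetime.strptime(m.group(1), "%H:%M:%S.%f")
        if prev is not None:  # largest gap between consecutive lines (no midnight handling)
            r["stall_seconds"] = max(r["stall_seconds"], (ts - prev).total_seconds())
        prev = ts
        msg = m.group(3)
        if (p := PEER.search(msg)):
            r["peer"] = (p.group(1), p.group(2), int(p.group(3)))
        elif (c := CMP.search(msg)):
            r["tried"].append(c.group(1))  # first operand: server-list entry
        elif "hostname comparison succeeded" in msg:
            # Assumption: the entry compared last is the one that matched.
            r["accepted"] = True
            r["matched"] = r["tried"][-1] if r["tried"] else None
            r["unexpected_match"] = (r["matched"] or "").lower() not in expected
        elif "failed" in msg:
            r["errors"].append(msg)
    return r

if __name__ == "__main__":
    for key, value in analyze(SAMPLE_LOG, EXPECTED_SERVERS).items():
        print(f"{key}: {value}")
```

A set `unexpected_match` flag means the client accepted the connection on a server-list entry other than the known backup servers, which is worth reviewing because that entry is trusted for any connection arriving under that name.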