Amanda-Users

RE: Firewall Problem?

2003-12-31 11:08:53
From: Geoff Austin <gaustin AT w-sys.co DOT uk>
To: donald.ritchey AT exeloncorp DOT com
Date: Wed, 31 Dec 2003 16:03:23 +0000
On Tue, 2003-12-30 at 14:43, donald.ritchey AT exeloncorp DOT com wrote:
> Geoff:
> 
> See the Amanda archives for the general discussions of using portrange and 
> udp-portrange while configuring Amanda.  We use it here for backups through 
> firewalls and have good success with it.
> 
> For example, we set up Amanda with the following statements in our Amanda 
> config shell scripts and set the firewalls to pass those port ranges 
> between the Amanda server and any client machines (but just those clients 
> and the server, not generally open to all comers).
> 
>       --with-portrange=50000,50040 --with-udpportrange=890,899
> 
> Our firewall rules look something like:
> 
> From amandaserver   to amandaclients   UDP   890-899       permit
> From amandaserver   to amandaclients   TCP   50000-50040   permit
> 
> From amandaclients  to amandaserver    UDP   890-899       permit
> From amandaclients  to amandaserver    TCP   50000-50040   permit
> 
> It may not be strictly necessary for both directions to be specified in the 
> firewall rules, but it works for us.
> 
> Check with your firewall/network administrator to see if she/he has any 
> preferred port ranges for you to use.  We picked the ones above based on 
> our firewall admin's observations that nothing else was using those ranges 
> around here.
> 
> Of course, your mileage may vary....
> 
> Good luck and best wishes for a Happy New Year,
> 
> Donald L. (Don) Ritchey
> E-mail:  Donald.Ritchey AT exeloncorp DOT com
> 
Don,

Checked the archives as suggested and rebuilt amanda using
--with-udpportrange=850,854
Opened these ports on the firewall and ran a test.

It worked!

It has worked in test environments before though, so the real test is
tonight. Reading the archive, it seems that it's the random udp port
that is the problem, hence occasional success.

Thanks for the pointers, very helpful.

Happy new year,

Geoff
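
Added example, not part of the original messages and not Amanda code: a default-deny evaluation of the rule table quoted above. It shows why a reply to a fixed UDP port in 890-899 passes while one to a random reserved port is dropped. The host names are constructed, and matching the port column against the destination port is an assumption about the firewall.

```python
# Added illustration: default-deny check of the firewall rules quoted in the thread.
# Assumption: the port column is matched against the packet's destination port.
import re

# Rule table as given in the quoted message, one rule per line.
RULES_TEXT = """\
From amandaserver  to amandaclients UDP 890-899     permit
From amandaserver  to amandaclients TCP 50000-50040 permit
From amandaclients to amandaserver  UDP 890-899     permit
From amandaclients to amandaserver  TCP 50000-50040 permit
"""

RULE_RE = re.compile(
    r"From\s+(\S+)\s+to\s+(\S+)\s+(UDP|TCP)\s+(\d+)-(\d+)\s+(permit|deny)$")

# Constructed group membership; these host names are hypothetical.
GROUPS = {"amandaserver": {"backup1"}, "amandaclients": {"web1", "db1"}}

def parse_rules(text):
    """Turn each rule line into (src_group, dst_group, proto, lo, hi, action)."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unparseable rule: {line!r}")
        src, dst, proto, lo, hi, action = m.groups()
        rules.append((src, dst, proto, int(lo), int(hi), action))
    return rules

def decide(rules, src_host, dst_host, proto, dst_port):
    """First matching rule wins; anything unmatched is denied."""
    for src, dst, rproto, lo, hi, action in rules:
        if (src_host in GROUPS[src] and dst_host in GROUPS[dst]
                and proto == rproto and lo <= dst_port <= hi):
            return action
    return "deny"

RULES = parse_rules(RULES_TEXT)

if __name__ == "__main__":
    flows = [  # constructed sample flows
        ("web1", "backup1", "UDP", 893),      # reply to a port inside the UDP range
        ("web1", "backup1", "UDP", 731),      # reply to a random reserved port
        ("backup1", "db1", "TCP", 50010),     # data connection inside the TCP range
        ("laptop7", "backup1", "TCP", 50010), # host outside both groups
    ]
    for flow in flows:
        print(flow, "->", decide(RULES, *flow))
```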



