Thanks for your feedback. Sounds like I didn't miss anything then. I am trying
to backup clients from home networks. These users generally don't have IPSEC
capable routers which stops the site-to-site idea. Your also right that I could
use non-defualt ports but this would deviate from default configs and require
static internal IPs or DHCP reservations both of which increase management
overhead as the deployment grows.
I can see the solution plain as day with a client initiated option but I'm not
so profecient as to write it. I guess the non-default ports is the way to go.
Thank you again.
----- Original Message -----
From: "Julian Fahrer" <julian AT fahrer DOT net>
To: "bacula-users" <bacula-users AT lists.sourceforge DOT net>
Sent: Tuesday, February 7, 2012 12:24:20 PM
Subject: Re: [Bacula-users] FD behind NAT
As you already said, you could use a site-to-site vpn. I don't know your
network, but if a non-openvpn site-to-site vpn would works, I guess you could
also use one openvpn instance on both sides to establish a site-to-site
connection.
Or you could nat multiple ports to multiple clients. For example: your offical
IP is 123.123.123.123. your internal clients have the IPs 192.168.0.1,
192.168.0.2, 192.168.0.3, 192.168.0.4. You then could nat
123.123.123.123:9111 to 192.168.0.1,
123.123.123.123:9112 to 192.168.0.2,
123.123.123.123:9113 to 192.168.0.3,
123.123.123.123:9114 to 192.168.0.4
...
Personally I would definitely recommend a site-to-site vpn!
Kind regards
Julian
-----Ursprüngliche Nachricht-----
Von: Christopher Geegan [mailto:cgeegan AT infosecur DOT biz]
Gesendet: Dienstag, 7. Februar 2012 18:56
An: bacula-users
Betreff: [Bacula-users] FD behind NAT
Forgive me if this has been asked and answered.
I have a client (FD) behind NAT and I am look for ways to initiate backup jobs
from the server without port forwarding on the client side.
I have read numerous articles of how to resolve issues with the server (DIR/SD)
being behind NAT but to me this is easy. I have even looked over the "Dealing
with Firewalls" section of the manual. In order for bacula to work Dir must be
able to contact FD to tell it to start the backup. Port forwarding is not an
option as we have numerous clients, Linux and Windows, behind NAT and we cannot
assign an external IP to each internal FD. To me this means I have to have a
site-to-site VPN tunnel or clients each running OpenVPN for example.
I am hoping somone can point me towards something I missed.
------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers is just
$99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style
Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
------------------------------------------------------------------------------
Keep Your Developer Skills Current with LearnDevNow!
The most comprehensive online learning library for Microsoft developers
is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
Metro Style Apps, more. Free future releases when you subscribe now!
http://p.sf.net/sfu/learndevnow-d2d
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
|