Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] FD behind NAT

2012-02-09 08:39:01
Subject: Re: [Bacula-users] FD behind NAT
From: Kleber Leal <kleber.leal AT gmail DOT com>
To: bacula-users AT lists.sourceforge DOT net
Date: Thu, 09 Feb 2012 10:37:02 -0300 
Yes,

site-to-site VPN is the solution.
NAL will expose your clients to internet.

Kleber

Em 09/02/2012 10:30, Christopher Geegan escreveu:
> Thanks for your feedback. Sounds like I didn't miss anything then. I am 
> trying to backup clients from home networks. These users generally don't have 
> IPSEC capable routers which stops the site-to-site idea. Your also right that 
> I could use non-defualt ports but this would deviate from default configs and 
> require static internal IPs or DHCP reservations both of which increase 
> management overhead as the deployment grows.
> 
> I can see the solution plain as day with a client initiated option but I'm 
> not so profecient as to write it. I guess the non-default ports is the way to 
> go.
> 
> Thank you again.
> 
> ----- Original Message -----
> From: "Julian Fahrer" <julian AT fahrer DOT net>
> To: "bacula-users" <bacula-users AT lists.sourceforge DOT net>
> Sent: Tuesday, February 7, 2012 12:24:20 PM
> Subject: Re: [Bacula-users] FD behind NAT
> 
> As you already said, you could use a site-to-site vpn. I don't know your 
> network, but if a non-openvpn site-to-site vpn would works, I guess you could 
> also use one openvpn instance on both sides to establish a site-to-site 
> connection.
> 
> Or you could nat multiple ports to multiple clients. For example: your 
> offical IP is 123.123.123.123. your internal clients have the IPs 
> 192.168.0.1, 192.168.0.2, 192.168.0.3, 192.168.0.4. You then could nat 
> 123.123.123.123:9111 to 192.168.0.1, 
> 123.123.123.123:9112 to 192.168.0.2, 
> 123.123.123.123:9113 to 192.168.0.3, 
> 123.123.123.123:9114 to 192.168.0.4
> ...
> 
> Personally I would definitely recommend a site-to-site vpn!
> 
> Kind regards
> 
> Julian
> 
> -----Ursprüngliche Nachricht-----
> Von: Christopher Geegan [mailto:cgeegan AT infosecur DOT biz] 
> Gesendet: Dienstag, 7. Februar 2012 18:56
> An: bacula-users 
> Betreff: [Bacula-users] FD behind NAT
> 
> Forgive me if this has been asked and answered.
> 
> I have a client (FD) behind NAT and I am look for ways to initiate backup 
> jobs from the server without port forwarding on the client side.
> 
> I have read numerous articles of how to resolve issues with the server 
> (DIR/SD) being behind NAT but to me this is easy. I have even looked over the 
> "Dealing with Firewalls" section of the manual. In order for bacula to work 
> Dir must be able to contact FD to tell it to start the backup. Port 
> forwarding is not an option as we have numerous clients, Linux and Windows, 
> behind NAT and we cannot assign an external IP to each internal FD. To me 
> this means I have to have a site-to-site VPN tunnel or clients each running 
> OpenVPN for example.
> 
> I am hoping somone can point me towards something I missed.
> 
> ------------------------------------------------------------------------------
> Keep Your Developer Skills Current with LearnDevNow!
> The most comprehensive online learning library for Microsoft developers is 
> just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro 
> Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-d2d
> _______________________________________________
> Bacula-users mailing list
> Bacula-users AT lists.sourceforge DOT net
> https://lists.sourceforge.net/lists/listinfo/bacula-users
> 
> ------------------------------------------------------------------------------
> Keep Your Developer Skills Current with LearnDevNow!
> The most comprehensive online learning library for Microsoft developers
> is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3,
> Metro Style Apps, more. Free future releases when you subscribe now!
> http://p.sf.net/sfu/learndevnow-d2d
> _______________________________________________
> Bacula-users mailing list
> Bacula-users AT lists.sourceforge DOT net
> https://lists.sourceforge.net/lists/listinfo/bacula-users
> 
> ------------------------------------------------------------------------------
> Virtualization & Cloud Management Using Capacity Planning
> Cloud computing makes use of virtualization - but cloud computing 
> also focuses on allowing computing to be delivered as a service.
> http://www.accelacomm.com/jaw/sfnl/114/51521223/
> _______________________________________________
> Bacula-users mailing list
> Bacula-users AT lists.sourceforge DOT net
> https://lists.sourceforge.net/lists/listinfo/bacula-users


------------------------------------------------------------------------------
Virtualization & Cloud Management Using Capacity Planning
Cloud computing makes use of virtualization - but cloud computing 
also focuses on allowing computing to be delivered as a service.
http://www.accelacomm.com/jaw/sfnl/114/51521223/
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] FD behind NAT, Christopher Geegan
Next by Date:  [Bacula-users] jbd2 at 99.99% usage with very low speed, Cristóbal Sabroe Yde
Previous by Thread:  Re: [Bacula-users] FD behind NAT, Christopher Geegan
Next by Thread:  Re: [Bacula-users] FD behind NAT, Francisco Javier Funes Nieto
Indexes:  [Date] [Thread] [Top] [All Lists]