Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] Remote backup through NAT?

2016-01-27 16:46:18
Subject: Re: [Bacula-users] Remote backup through NAT?
From: Wesley Render <wrender AT otherdata DOT com>
To: bacula-users AT lists.sourceforge DOT net
Date: Wed, 27 Jan 2016 21:20:43 +0000 
I had a lot of problems getting my setup to work over NAT too.  If you  
want email me directly and I can provide my full configs/help out.  I  
think what ended up fixing it for me was updating all of the Bacula  
components to 7.2.0.  I had a real struggle trying to get it to work  
with 5.x too.

Here is what I would recommend:

-  For consistency make sure you are running all Bacula 7.2.0 on all  
computers. (Not sure if this is possible for Microsoft Windows Clients)
-  On your firewall for the internal lan where your bacula server and  
storage daemon is. Open/Forward ports 9101-9103.
-  In your bacula server for the "client" definition, make sure the  
"Address" is that of the public IP, or hostname of the client server.   
Mine looks like this:
#####  On the Bacula Server #####
Client {
Name = web221.mydomain.com-fd
Password = mypassword
Address = web221.mydomain.com
FDPort = 9102
Catalog = MyCatalog
File Retention = 30 days
Job Retention = 6 months
TLS Enable = yes
TLS Require = yes
TLS Certificate = /etc/bacula/certs/web221.mydomain.com.crt
TLS Key = /etc/bacula/certs/web221.mydomain.com-daemon.key
TLS CA Certificate File = /etc/bacula/certs/cacert.pem
AutoPrune = yes
}

-  On the client's bacula-fd.conf mine looks like this:

#####  On the Linux Client #####
Director {
   Name = bacula-dir
   Password = mypassword
   TLS Certificate = /etc/bacula/certs/web221.mydomain.com.crt
   TLS Key = /etc/bacula/certs/web221.mydomain.com-daemon.key
   TLS CA Certificate File = /etc/bacula/certs/cacert.pem
   TLS Enable = yes
   TLS Require = yes
}

FileDaemon {
   Name = web221.mydomain.com-fd
   FDport = 9102
   WorkingDirectory = /var/spool/bacula
   Pid Directory = /var/run
   Maximum Concurrent Jobs = 20
# Plugin Directory = /usr/lib64/bacula
   TLS Enable = yes
   TLS Require = yes
   TLS Certificate = /etc/bacula/certs/web221.mydomain.com.crt
   TLS Key = /etc/bacula/certs/web221.mydomain.com-daemon.key
   TLS CA Certificate File = /etc/bacula/certs/cacert.pem
   PKI Signatures = Yes            # Enable Data Signing
   PKI Encryption = Yes            # Enable Data Encryption
   PKI Keypair =  
"/etc/bacula/bacula_disk_keys/fd-web221.mydomain.com.pem"    # Public  
and Private Keys
   PKI Master Key = "/etc/bacula/bacula_disk_keys/master.cert"    #  
ONLY the Public Key
}





-- 
Wesley Render, Consultant
OtherData
www.otherdata.com


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Bacula-users] What to exclude?, Michael Munger
Next by Date:  Re: [Bacula-users] Remote backup through NAT?, Michael Munger
Previous by Thread:  Re: [Bacula-users] Remote backup through NAT?, Michael Munger
Next by Thread:  Re: [Bacula-users] Remote backup through NAT?, Michael Munger
Indexes:  [Date] [Thread] [Top] [All Lists]