|
[Veritas-bu] Remote Connection to Master Server
2004-02-18 13:20:55
|
Subject: |
[Veritas-bu] Remote Connection to Master Server |
|
From: |
Joost Mulders <mail AT j-mulders.demon DOT nl> (Joost Mulders) |
|
Date: |
Wed, 18 Feb 2004 19:20:55 +0100 (CET) |
Hi Lindsay,
Yes, the Windows console needs a lot of ports open between you and the and
all your backup servers. It will be difficult to get this through a firewall.
But, I have another suggestion that is applicable if you have 4.5FP3 or
higher. Only for FP3 and higher, there is a fully functional java gui
available for both Windows and Unix.
I recently tested, succeeded (and documented ;-) a config whereby you run the
java gui "at home" and connect to the master server whereby ALL traffic is
tunneled (and encrypted) via ssh. The story is at:
http://www.j-mulders.demon.nl/netbackup/nbu-env/doc/FIREWALL
under the section "Java GUI & SSH Tunneling"
Basically, it consists of these steps:
1. install java gui at home and modify hostname.vrtsnbuj/nbj.conf
to use vnetd (NBJAVA_CONNECT_OPTION=1)
2. Open an ssh session with two tunnels
joost@home $ ssh -L 13722:backupserver:13722 \
-L 13724:backupserver:13724 root@backupserver
Most windows ssh software can do tunneling also (putty, securecrt et.al)
3. Start Java GUI and specify 'localhost' or your 'home' system name in the
login dialog. Username /password must be a user living on the backup
server (as usual)
That's all. All traffic will be encrypted and send via port 22 to the
backupserver. This also circumvents the dreaded 'clear text' passward issue
for the java gui.
Hope it's useful,
Best regards, Joost
>I have been connecting to a master server and running the jnbSA Java GUI
>through a ssh connection with Xwindows software. As you can imagine, its
>way, way to slow to be of much use.
>
>I have installed the Remote Administration tool for Netbackup Datacentre
>onto my Windows 2000 PC hoping to make a faster connection. I am unable to
>connect with the Master server at all. The entries have been made in the
>bp.conf file on the master server but still its not working. As I can't
>ping the Master server from my pc, I think its the Firewall causing the
>problem.
>
>Is there a patch or something that will fix this issue as I doubt that I'd
>get approval to open ports on the firewall?
>
>Regards from
>Lindsay
--
Long may you run.
|
|
|
