Greetings all.

I am running NetBackup v5.0 MP6, and have a client on the other side of a
firewall whose administrator won't play nice and open NetBackup ports up so
I can back up the client.  The only traffic they'll allow through is SSH.

I'm thinking I can use SSH tunneling to essentially get this sucker backed
up.  My research indicates I need to arrange for a master server->client
connection on ports 13782 and 13724, and client->master connections on
ports 13724 and 13720 (for database backups of a Sybase server).

In order to not have to override default port numbers, I'm thinking the
best attack would be to setup a small "proxy" host on my side of the
firewall whose sole job is to use SSH tunneling to the remote host.  The
master would then be told to back up that proxy, none the wiser that it's
actually being forwarded through a tunnel to the remote side of the
firewall.  Using a "proxy" host like this it would seem would make life
easier, as if I try to tunnel on the default ports right from the master, I
may conflict with the netbackup daemons on that master.

Has anyone done this before?  Am I missing something that would make this
all easier?

-- Mike Varney / HRI