So I've been dealing with amanda through a (IPMasq/NAT linux) firewall and
there are obvious issues with masquerading preventing amanda from functioning
correctly, I have yet to test this config but my hypothesis is, setup IP-IP
tunneling on the firewall, clients, and server, and create a tunnel from each
client to the server to make them appear as local address's. Once data is
passed to the tunneléd device, the tunneling takes over and no more exchange's
between the clients and the server need to be made directly through the
firewall, they instead route all packets to the tunneléd device. I have yet to
get this working due to the HA nature of our tape server, and cannot reboot
(module compiles with unresolved symbols for some reason.) to make the IP-IP
module load properly. If anyone would like to test this, I would be very
interested to hear how it went, as soon as I get a working config, I will
write a small recipe to post to the list so all may freely backup clients
THROUGH a masq'd firewall!!
"The probability of someone watching you is directly proportional to the
stupidity of your action."
--
Thomas J. Hudak
Systems Administrator
Sistina Software Inc.
Phone: 612.379.3951 Page: 612.318.1967
Fax: 612.379.3952
PGP signature
