Costantino pisze: > I want my firewall to let few mobile clients to connect over the Internet > to my backup server on the LAN without using VPN or SSH forwarding. > The connection is secured via TLS certs + encrypt provided by the backup > application. > > A rule like this > > DNAT net:$CLIENT1 loc:$BACKUP tcp PPPP > > works if CLIENT1 has a fixed IP address. Unfortunately clients have > dinamically assigned IP addresses, with FQDN assigned to each client > via a dynamic DNS service provider. > > Is there a solution ? > What rules should I implement knowing that I run ShoreWall 3.2.8 ?
You could try the way described at http://www.shorewall.net/3.0/PortKnocking.html (there is almost exactly the same situations described there). -- Artur ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
