On Fri, Oct 06, 2006 at 08:07:28AM -0500, [EMAIL PROTECTED] wrote: > Hi Frank, > > Thanks for sharing this with me as it is very useful and will allow me to > possibly remove the OpenVPN part from the design that we are considering > since Bacula seems to be able to take care of this matter for us as a > built in feature. > > I guess that I still have the major question of being able to traverse > firewalls and routers since as you have mentioned that the Bacula server > initiates the connections to the clients and the client software does not > initiate any connection to the server although I think that would be a > nice feature as well. > > We want to close off as many of the ports to the Bacula server as we can > since it is the only service on that server in the most secure way > possible.
If you haven't found them yet, these parts of the manual should give you what you need. http://bacula.org/rel-manual/What_is_Bacula.html#SECTION00042000000000000000 http://bacula.org/rel-manual/Dealing_with_Firewalls.html Basically: Director - the only incoming connections it needs are from the console, which can be run locally on the same machine. Needs to make outgoing to file daemons on 9102 and the storage daemon on 9103. File daemon - needs to accept incoming connections on 9102 from the director, and be able to initiate outgoing connections to 9103 on the storage daemon. Storage daemon - doesn't make any outgoing connections. Needs to accept incoming on 9103 from file daemons and director. -- Frank Sweetser fs at wpi.edu | For every problem, there is a solution that WPI Network Engineer | is simple, elegant, and wrong. - HL Mencken GPG fingerprint = 6174 1257 129E 0D21 D8D4 E8A3 8E39 29E3 E2E8 8CEC ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys -- and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
