Yes, site-to-site VPN is the solution. NAL will expose your clients to internet.
Kleber Em 09/02/2012 10:30, Christopher Geegan escreveu: > Thanks for your feedback. Sounds like I didn't miss anything then. I am > trying to backup clients from home networks. These users generally don't have > IPSEC capable routers which stops the site-to-site idea. Your also right that > I could use non-defualt ports but this would deviate from default configs and > require static internal IPs or DHCP reservations both of which increase > management overhead as the deployment grows. > > I can see the solution plain as day with a client initiated option but I'm > not so profecient as to write it. I guess the non-default ports is the way to > go. > > Thank you again. > > ----- Original Message ----- > From: "Julian Fahrer" <jul...@fahrer.net> > To: "bacula-users" <bacula-users@lists.sourceforge.net> > Sent: Tuesday, February 7, 2012 12:24:20 PM > Subject: Re: [Bacula-users] FD behind NAT > > As you already said, you could use a site-to-site vpn. I don't know your > network, but if a non-openvpn site-to-site vpn would works, I guess you could > also use one openvpn instance on both sides to establish a site-to-site > connection. > > Or you could nat multiple ports to multiple clients. For example: your > offical IP is 123.123.123.123. your internal clients have the IPs > 192.168.0.1, 192.168.0.2, 192.168.0.3, 192.168.0.4. You then could nat > 123.123.123.123:9111 to 192.168.0.1, > 123.123.123.123:9112 to 192.168.0.2, > 123.123.123.123:9113 to 192.168.0.3, > 123.123.123.123:9114 to 192.168.0.4 > ... > > Personally I would definitely recommend a site-to-site vpn! > > Kind regards > > Julian > > -----Ursprüngliche Nachricht----- > Von: Christopher Geegan [mailto:cgee...@infosecur.biz] > Gesendet: Dienstag, 7. Februar 2012 18:56 > An: bacula-users > Betreff: [Bacula-users] FD behind NAT > > Forgive me if this has been asked and answered. > > I have a client (FD) behind NAT and I am look for ways to initiate backup > jobs from the server without port forwarding on the client side. > > I have read numerous articles of how to resolve issues with the server > (DIR/SD) being behind NAT but to me this is easy. I have even looked over the > "Dealing with Firewalls" section of the manual. In order for bacula to work > Dir must be able to contact FD to tell it to start the backup. Port > forwarding is not an option as we have numerous clients, Linux and Windows, > behind NAT and we cannot assign an external IP to each internal FD. To me > this means I have to have a site-to-site VPN tunnel or clients each running > OpenVPN for example. > > I am hoping somone can point me towards something I missed. > > ------------------------------------------------------------------------------ > Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft developers is > just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro > Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users > > ------------------------------------------------------------------------------ > Keep Your Developer Skills Current with LearnDevNow! > The most comprehensive online learning library for Microsoft developers > is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, > Metro Style Apps, more. Free future releases when you subscribe now! > http://p.sf.net/sfu/learndevnow-d2d > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users > > ------------------------------------------------------------------------------ > Virtualization & Cloud Management Using Capacity Planning > Cloud computing makes use of virtualization - but cloud computing > also focuses on allowing computing to be delivered as a service. > http://www.accelacomm.com/jaw/sfnl/114/51521223/ > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users ------------------------------------------------------------------------------ Virtualization & Cloud Management Using Capacity Planning Cloud computing makes use of virtualization - but cloud computing also focuses on allowing computing to be delivered as a service. http://www.accelacomm.com/jaw/sfnl/114/51521223/ _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
