Hello, We will be deploying a remote testbed that will sit on inside a VPN network. I've had a request that the developers would like to have the testbed hosts maintained by cfengine. However, the cfengine servers are outside the VPN network.
For similar purposes, when accessing a host inside the VPN network, I have NAT'd ports in the VPN gateway as a tunnel to the target server. For example, our Nagios server accesses VPN hosts through a VPN-Gateway by NAT'ing a port to the target host. To access, one would use the VPN-GW-IPaddr:PortNumber where the Port Number directs the packets via the VPN-GW to the appropriate port on the target host. A specific port number maps to each target host and the appropriate port number on that specific target host. It is my understanding that Cfengine uses port 5306 communicate. But, now I need the cfengine server to talk to the VPN-GW, to get through to the target host. That host will actually be represented by the IP addr of the VPN-GW + PortNumber (representing the target host) which will ultimately be directed to port 5306 on the target host. bintointerface in agent seems to be the closest to what I need, but it doesn't seem to have the ability to also assign a port. Ideas? deb -- Deb Heller-Evans 1 Cyclotron Road Computer Systems Engineer Berkeley, CA 94720 _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
