subject:"\[Bacula\-users\] Firewall"

Re: [Bacula-users] Firewall traversal

2011-06-29 Thread Rodrigo Renie Braga

Just giving my 2cents here: I solved the same problem you're having by using the /etc/hosts file... In bacula-dir configs, the I've configured the FD Address parameter with the FQDN of the bacula-sd server, and on the bacula-fd client, using the hosts file, I've pointed the FQDN to the IP of the f

Re: [Bacula-users] Firewall traversal

2011-06-28 Thread Martin Simmons

> On Mon, 27 Jun 2011 20:18:46 -0400, Dan Langille said: > > One of your basic assumptions is incorrect. I don't know what it is, but > something, somewhere is wrong. > > Verify that your bacula-dir.conf configuration is correct. I'd add: Verify that your bacula-dir.conf configuration is

Re: [Bacula-users] Firewall traversal

2011-06-27 Thread Dan Langille

On Jun 27, 2011, at 6:27 PM, Kevin O'Connor wrote: > It's set to files dns, if I ping the hostname it comes up as 127.0.0.1. > There's no way that this could be known by the 172.17.x.x address unless the > Director was translating it and passing it over - there's not even a > 172.x.x.x addres

Re: [Bacula-users] Firewall traversal

2011-06-27 Thread Kevin O'Connor

It's set to files dns, if I ping the hostname it comes up as 127.0.0.1. There's no way that this could be known by the 172.17.x.x address unless the Director was translating it and passing it over - there's not even a 172.x.x.x address configured on the client machine. I'm really confused here, a

Re: [Bacula-users] Firewall traversal

2011-06-24 Thread Martin Simmons

> On Thu, 23 Jun 2011 11:49:01 -0400, Kevin O'Connor said: > > Yeah, absolutely. There's no reference in any of my configs anywhere (dir, > sd, fd) on either machine to that IP, so it makes me think the Director is > resolving it, using that value internally, and then passing that over the >

Re: [Bacula-users] Firewall traversal

2011-06-24 Thread Jari Fredriksson

23.6.2011 18:49, Kevin O'Connor kirjoitti: > > > 2011/6/23 Jari Fredriksson mailto:ja...@iki.fi>> > > 23.6.2011 4:28, Dan Langille kirjoitti: > > > > On Jun 22, 2011, at 9:18 PM, Kevin O'Connor wrote: > > > >> On Mon, Jun 20, 2011 at 6:55 PM, Dan Langille

Re: [Bacula-users] Firewall traversal

2011-06-23 Thread Kevin O'Connor

2011/6/23 Jari Fredriksson > 23.6.2011 4:28, Dan Langille kirjoitti: > > > > On Jun 22, 2011, at 9:18 PM, Kevin O'Connor wrote: > > > >> On Mon, Jun 20, 2011 at 6:55 PM, Dan Langille wrote: > >> On Jun 20, 2011, at 12:11 PM, Kevin O'Connor wrote: > >>> > My setup is as follows: > > >>>

Re: [Bacula-users] Firewall traversal

2011-06-23 Thread Jari Fredriksson

23.6.2011 4:28, Dan Langille kirjoitti: > > On Jun 22, 2011, at 9:18 PM, Kevin O'Connor wrote: > >> On Mon, Jun 20, 2011 at 6:55 PM, Dan Langille wrote: >> On Jun 20, 2011, at 12:11 PM, Kevin O'Connor wrote: >>> My setup is as follows: Bacula Server (DIR, SD) -> Firewall/NAT -> Se

Re: [Bacula-users] Firewall traversal

2011-06-23 Thread shouldbe q931

2011/6/23 Kevin O'Connor : > So I've followed that SSH tunneling article, but I see that the FD on the > remote server outside of the firewall is trying to connect to 172.16.x.x, > which is what the SD resolves to inside of our network. I've followed the > instructions in the article to add the SD

Re: [Bacula-users] Firewall traversal

2011-06-23 Thread shouldbe q931

2011/6/23 Kevin O'Connor : > So I've followed that SSH tunneling article, but I see that the FD on the > remote server outside of the firewall is trying to connect to 172.16.x.x, > which is what the SD resolves to inside of our network. I've followed the > instructions in the article to add the SD

Re: [Bacula-users] Firewall traversal

2011-06-22 Thread Dan Langille

On Jun 22, 2011, at 9:18 PM, Kevin O'Connor wrote: > On Mon, Jun 20, 2011 at 6:55 PM, Dan Langille wrote: > On Jun 20, 2011, at 12:11 PM, Kevin O'Connor wrote: >> >> > My setup is as follows: >> > >> > Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (FD) >> > >> > The FD is ac

Re: [Bacula-users] Firewall traversal

2011-06-22 Thread Kevin O'Connor

So I've followed that SSH tunneling article, but I see that the FD on the remote server outside of the firewall is trying to connect to 172.16.x.x, which is what the SD resolves to inside of our network. I've followed the instructions in the article to add the SD FQDN to /etc/hosts to make it reso

Re: [Bacula-users] Firewall traversal

2011-06-20 Thread Dan Langille

On Jun 20, 2011, at 12:11 PM, Kevin O'Connor wrote: > My setup is as follows: > > Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (FD) > > The FD is accessible from anywhere, but the DIR/SD is not (NAT/FW). > > When I start the backup, the Director connects to the FD without

Re: [Bacula-users] Firewall traversal

2011-06-20 Thread Gavin McCullagh

Hi, On Mon, 20 Jun 2011, Kevin O'Connor wrote: > I understand how it's supposed to work (FD to SD), that's why I'm asking if > there was some cryptic config option or something I was missing to make it > do the reverse. It exists as Active/Passive in FTP, so it's not too crazy > to think somethi

Re: [Bacula-users] Firewall traversal

2011-06-20 Thread Kevin O'Connor

I understand how it's supposed to work (FD to SD), that's why I'm asking if there was some cryptic config option or something I was missing to make it do the reverse. It exists as Active/Passive in FTP, so it's not too crazy to think something similar might exist for Bacula. I guess not though.

Re: [Bacula-users] Firewall traversal

2011-06-20 Thread Gavin McCullagh

Hi, On Mon, 20 Jun 2011, Kevin O'Connor wrote: > Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (FD) > > The FD is accessible from anywhere, but the DIR/SD is not (NAT/FW). > > When I start the backup, the Director connects to the FD without a problem, > but then when the Dir

Re: [Bacula-users] Firewall traversal

2011-06-20 Thread Craig Van Tassle

On Mon, 20 Jun 2011 12:11:21 -0400 "Kevin O'Connor" wrote: > My setup is as follows: > > Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (FD) > > The FD is accessible from anywhere, but the DIR/SD is not (NAT/FW). > > When I start the backup, the Director connects to the FD w

Re: [Bacula-users] Firewall traversal

2011-06-20 Thread John Drescher

2011/6/20 Kevin O'Connor : > My setup is as follows: > Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (FD) > The FD is accessible from anywhere, but the DIR/SD is not (NAT/FW). > When I start the backup, the Director connects to the FD without a problem, > but then when the Direc

Re: [Bacula-users] Firewall traversal

2011-06-20 Thread shouldbe q931

OpenVPN ? 2011/6/20 Kevin O'Connor : > My setup is as follows: > Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (FD) > The FD is accessible from anywhere, but the DIR/SD is not (NAT/FW). > When I start the backup, the Director connects to the FD without a problem, > but then whe

Re: [Bacula-users] Firewall traversal

2011-06-20 Thread jerry lowry

I have a similar setup. Can you add a rule in the firewall that will allow the FD access to the SD. That's what I did in order to get my backups to work. On 6/20/2011 9:11 AM, Kevin O'Connor wrote: My setup is as follows: Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (F

[Bacula-users] Firewall traversal

2011-06-20 Thread Kevin O'Connor

My setup is as follows: Bacula Server (DIR, SD) -> Firewall/NAT -> Server to be backed up (FD) The FD is accessible from anywhere, but the DIR/SD is not (NAT/FW). When I start the backup, the Director connects to the FD without a problem, but then when the Director tells the FD to connect back t

Re: [Bacula-users] Firewall problems

2009-10-23 Thread Thomas Bennett

This is what I use on all my clients: -A INPUT -m state --state NEW -m tcp -p tcp --dport 9102 -j ACCEPT I had only one issue which was on one server and I couldn't connect. I moved the rule to the top of the list of rules and then I was able to connect. I usually use a separate rule for eac

Re: [Bacula-users] Firewall problems

2009-10-23 Thread Terry L. Inzauro

Gabriel - IP Guys wrote: > > > Dear All, > > > > I need some fresh eyes on this at the moment. I made this entry in the > firewall scripts of my Linux servers which will be running some > component of Bacula > > > > iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 9101:9103 >

Re: [Bacula-users] Firewall problems

2009-10-23 Thread Terry L. Inzauro

Gabriel - IP Guys wrote: > > > Dear All, > > > > I need some fresh eyes on this at the moment. I made this entry in the > firewall scripts of my Linux servers which will be running some > component of Bacula > > > > iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 9101:9103 >

[Bacula-users] Firewall problems

2009-10-23 Thread Gabriel - IP Guys

Dear All, I need some fresh eyes on this at the moment. I made this entry in the firewall scripts of my Linux servers which will be running some component of Bacula iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 9101:9103 -j ACCEPT I will add the source directive when I'm

Re: [Bacula-users] Firewall fun

2009-06-24 Thread Dirk Bartley

On Tue, 2009-06-23 at 21:52 +0200, Arno Lehmann wrote: > Hi, > > 23.06.2009 17:04, Dirk Bartley wrote: > > Sure, iptables allows for connection based rules as well as the old > > ipchains style rules based rules. > > > > So your probably using connection based rules like : > > iptables -A INPUT

Re: [Bacula-users] Firewall fun

2009-06-23 Thread Dirk Bartley

On Tue, 2009-06-23 at 21:52 +0200, Arno Lehmann wrote: > Hi, > > 23.06.2009 17:04, Dirk Bartley wrote: > > Sure, iptables allows for connection based rules as well as the old > > ipchains style rules based rules. > > > > So your probably using connection based rules like : > > iptables -A INPUT

Re: [Bacula-users] Firewall fun

2009-06-23 Thread Arno Lehmann

Hi, 23.06.2009 17:04, Dirk Bartley wrote: > Sure, iptables allows for connection based rules as well as the old > ipchains style rules based rules. > > So your probably using connection based rules like : > iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT > iptables -A OUTPUT -p

Re: [Bacula-users] Firewall fun

2009-06-23 Thread Dirk Bartley

Sure, iptables allows for connection based rules as well as the old ipchains style rules based rules. So your probably using connection based rules like : iptables -A INPUT -p tcp -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT just ad

[Bacula-users] Firewall fun

2009-06-23 Thread Dirk Bartley

Greetings Moved a machine into a dmz behind a pix515e firewall. Created a rule to allow the fd to connect to the sd and it seems to work, except for one little peculiarity on a larger backup job. On a server that backs up about 60GB, it fails at the very tail end of the backup. The firewall log

Re: [Bacula-users] Firewall woes

2009-06-15 Thread Josh Fisher

ector. But still got the same error. > > Finally, I disabled iptables on the Client and the back up completed > without a problem. > > Any ideas? > > Ken > > >> -Original Message- >> From: Marc Schiffbauer [mailto:m...@schiffbauer.net] >>

Re: [Bacula-users] Firewall woes

2009-06-15 Thread Kevin Keane

t; > Ken > > >> -Original Message- >> From: Marc Schiffbauer [mailto:m...@schiffbauer.net] >> Sent: Friday, 12 June 2009 7:56 PM >> To: bacula-users@lists.sourceforge.net >> Subject: Re: [Bacula-users] Firewall woes >> >> * Ken Barclay schrieb am 12.

Re: [Bacula-users] Firewall woes

2009-06-15 Thread Ken Barclay

> To: bacula-users@lists.sourceforge.net > Subject: Re: [Bacula-users] Firewall woes > > * Ken Barclay schrieb am 12.06.09 um 11:56 Uhr: > > Don't you just love firewalls! > > > > > > > > Today received this error on a newly installed client - > >

Re: [Bacula-users] Firewall woes

2009-06-12 Thread Marc Schiffbauer

* Ken Barclay schrieb am 12.06.09 um 11:56 Uhr: > Don't you just love firewalls! > > > > Today received this error on a newly installed client - > > > > 12-Jun 16:27 KenTest-dir JobId 8309: Fatal error: Unable to authenticate > with File daemon at "192.168.2.130:9102". Possible causes:blah,

[Bacula-users] Firewall woes

2009-06-12 Thread Ken Barclay

Don't you just love firewalls! Today received this error on a newly installed client - 12-Jun 16:27 KenTest-dir JobId 8309: Fatal error: Unable to authenticate with File daemon at "192.168.2.130:9102". Possible causes:blah,etc On this client the iptable entry reads as follows: 1

[Bacula-users] firewall/natd

2007-06-20 Thread RYAN M. vAN GINNEKEN

THANKS DAVE as i mentioned bacula used to work when these two machine were on the same internal network. So i believe the password should not have changed however i have attached some relevant files. Hello, It looks like your firewall setup is good. I believe the problem is the file an

[Bacula-users] firewall/nat

2007-06-20 Thread RYAN M. vAN GINNEKEN

Using bacula version 2.0.3 on the client and the server can achieve perfect backups when these machines are on the same internal network however.. I am tring to set bacula up to backup a remote machine that is on the other side of of a firewall. I have read and reread the bacula do

Re: [Bacula-users] Firewall

2006-04-17 Thread hikari

Lowe, Bryan wrote: > are backing up fine, it’s just those 2 that choke. When I check my > firewall logs, the service that gets blocked seems to be different every > week! One week it’s tcp port 39450 and port 36401, the next week it’s > 50596 and 39398, etc. It sounds like you're lookin

[Bacula-users] Firewall

2006-04-17 Thread Lowe, Bryan

I apologize if this has been addressed, but I couldn’t find anything in the archives. If this is the incorrect list for this inquiry, please point me in the correct direction. I’ve been using Bacula (1.36.0) to back up our servers for about 2 years now. Everything has been running fin

39 matches

Mail list logo