So I've been dealing with amanda through a (IPMasq/NAT linux) firewall and
there are obvious issues with masquerading preventing amanda from functioning
correctly, I have yet to test this config but my hypothesis is, setup IP-IP
tunneling on the firewall, clients, and server, and create a tunnel from each
client to the server to make them appear as local address's. Once data is
passed to the tunnel�d device, the tunneling takes over and no more exchange's
between the clients and the server need to be made directly through the
firewall, they instead route all packets to the tunnel�d device. I have yet to
get this working due to the HA nature of our tape server, and cannot reboot
(module compiles with unresolved symbols for some reason.) to make the IP-IP
module load properly. If anyone would like to test this, I would be very
interested to hear how it went, as soon as I get a working config, I will
write a small recipe to post to the list so all may freely backup clients
THROUGH a masq'd firewall!!
"The probability of someone watching you is directly proportional to the
stupidity of your action."
--
Thomas J. Hudak
Systems Administrator
Sistina Software Inc.
Phone: 612.379.3951 Page: 612.318.1967
Fax: 612.379.3952
PGP signature
