There are several available approaches: (in no particular order) 1) reconfigure the VPN tunnel so that the AMANDA traffic is not subject to NAT.
2) use a separate VPN tunnel for AMANDA that bypasses NAT. 3) rebuild AMANDA with a specific port range (search the archives for details). 4) rebuild AMANDA without the port check (not recommended, but also in the archive.) > -----Original Message----- > From: adi [mailto:[EMAIL PROTECTED]] > Sent: Thursday, June 13, 2002 4:33 PM > To: [EMAIL PROTECTED] > Subject: Re: amanda and vpnd > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi again, if i can't make this to work, then can i make > amanda accept if it is > coming from a high numbered port or even any number port? Thanks. > > > On Friday 14 June 2002 00:43, adi wrote: > > Hello, > > i have a problem running amcheck. My amanda server has a > private ip and > > needs to backup a remote server(live ip). Amanda server > connects to the > > vpnd server which is on a local lan and tunnel thru the vpn > connection in > > order to do a backup. The remote machine which has to be > backed up has a > > serial link established to the vpn server. > > > > The first time i tried running amcheck, it complains that > it's(the vpn > > server) is coming from a port which is not secure. So i > need to redirect > > connections coming from amanda server to a well-known port > and then forward > > it to the amanda client. Correct? I wonder if anyone has > been successfull > > at this attempt? This is my ipchains on the vpn server. > > > > /sbin/ipchains -A forward -i sl0 -s 192.168.1.85 -d > 192.168.200.2 -j MASQ > > /sbin/ipchains -A input -j REDIRECT 600 -p udp -s 192.168.1.85 -d > > 192.168.200.2 10080 > > > > 192.168.1.85 is the amanda server. > > 192.168.200.2 is the amanda client > > The vpn server serial ip is 192.168.100.2. > > > > This is the output of amcheck. > > > > Amanda Backup Client Hosts Check > > -------------------------------- > > WARNING: zeus.vpn-remote: selfcheck request timed out. Host down? > > Client check: 1 host checked in 30.006 seconds, 1 problem found > > > > I've been cracking my head for 2 days now.. help needed, thanks. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.6 (GNU/Linux) > Comment: For info see http://www.gnupg.org > > iD8DBQE9CQFpInIYkBVpGqURAuEfAJ92h1BMgNCn5JO/gei+MGI3FsmvHgCdH6R4 > TLu3DbvCM/gyQDolAqwvjUg= > =DuEj > -----END PGP SIGNATURE----- >
