Hi, Les Mikesell wrote on 2013-03-20 16:19:23 -0500 [Re: [BackupPC-users] Need guidance for backing up remote Windows PC]: > On Wed, Mar 20, 2013 at 4:00 PM, Jeff Boyce <jbo...@meridianenv.com> wrote: > > [...] > > Local Network > > Sequoia = Samba (and WINS server) and OpenVPN server (192.168.112.50) > > Taxa = DNSmasq (dns and dhcp server) (192.168.112.51) > > Bacteria = BackupPC server (192.168.112.52) > > Network IP = 192.168.112.0/24
ok. > > Remote Windows Box > > Computer Name = jks-e6500 > > Remote LAN IP = unknown > > Remote WAN IP = dynamic > > OpenVPN Common Name = jkssequoiaclient All of these don't matter for the question at hand. > > OpenVPN IP = static, 10.9.8.10 > > OpenVPN routed network > [...] > If you manage local dns you can add the target name with the VPN IP > and everything should work the same as locally. Alternatively, you > could set ClientNameAlias to the VPN IP in the backuppc config. In particular, you can choose whatever name for the client suits your purposes. Usually, you will want to use just one name for one machine, but since you've used a different one in the OpenVPN certificate, I thought I'd mention it. The name in the certificate is really only used for selecting the clients/ file (in OpenVPN), which usually defines the IP used. It does *not* magically set up some sort of name resolution for that name. I would have used "jks-e6500" to match the host name, but it doesn't really make any difference. Adding something like 10.9.8.10 jks-e6500 to a hosts-type file (/etc/hosts on the BackupPC server or better a hosts file served by your DNSmasq server) should do the trick. Talking of hosts files, the DHCP flag in BackupPC's hosts file should be 0 :-). > > My thinking is that since the remote Windows box can connect and browse the > > Samba shares on Sequoia via the VPN, then obviously Samba knows how to > > communicate with this remote client. At the TCP level, the Samba server doesn't really need to know anything. There's an incoming connection from an IP it can route reply packets to. Fine. Samba itself might require more, in order to determine whether to allow access or not. The remote machine might register itself with the Samba WINS server. But it's the remote machine that initiates the connection. > No, that's not entirely obvious unless the backuppc server is also the > VPN server. Sometimes VPN servers are configured to NAT to their > ethernet interfaces to provide LAN connectivity for the remote > clients. That's a good point. If that were the case, you'd need to rethink things. > In your case you need routing from the backuppc server to > the client IP which may or may not be present. Can you connect with > smbclient to the 10.9.8.10 IP? If your VPN server is not NATting and it's not the default gateway, then you'd need either a host or probably better a network route (on your BackupPC server): # route add -host 10.9.8.10 gw sequoia or # route add -net 10.9.8.0/24 gw sequoia Additionally, if sequoia was not previously routing traffic, you might need to # echo 1 > /proc/sys/net/ipv4/ip_forward (on sequoia) which you'd want to do automatically on reboot by adding (or uncommenting) net.ipv4.ip_forward=1 in /etc/sysctl.conf. For IPv6, see the comments in sysctl.conf. Regards, Holger ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_mar _______________________________________________ BackupPC-users mailing list BackupPC-users@lists.sourceforge.net List: https://lists.sourceforge.net/lists/listinfo/backuppc-users Wiki: http://backuppc.wiki.sourceforge.net Project: http://backuppc.sourceforge.net/