Hi, what about OpenVPN and static IP ranges per client for it? This should be secure enough and you have no more problems with dynamic IP addresses.
Regards Stefan Am 27.07.2017 um 18:19 schrieb PenguinWhispererThe: > Hi all, > > I've come by Bareos by accident after being a longtime Bacula user. > I have local and remote servers (by using some ssh port forwarding fiddling) > and some local "static" machines now in my backup and it's working great. > > Now I'd like to expand this to have laptops backed up as well. These laptops > are on the road so the IPs/hostnames can't be put in the config as they're > changing. > > I was wondering if there's a possibility to backup these clients as well. > I understand I can open up some firewall ports to the internet to let > filedaemons connect to my server. However the server initiates some > connections as well IIRC and that would require the client side to change the > firewall to allow these (for example the router where this laptop is > connected to). > > Is this secure? And I mainly mean: is it a good idea to have these ports open > to the internet? Perhaps someone can bruteforce it or the "protection" is not > that strong? > > Another way would be to install OpenVPN and let each client setup a VPN. > While this is certainly possible it's yet another tool that has to be > installed + the openvpn tunnel should be up to make the backup work. > > Any remarks or thoughts are welcome. > -- *CaC, Computer and Communication* Inhaber Stefan Klatt End-2-End Senior Network Consultant Triftstrasse 9 60528 Frankfurt Germany USt-IdNr.: DE260461592 Tel.: +49-(0)172-6807809 Tel.: +49-(0)69-67808-900 Fax: +49-(0)69-67808-837 Email: [email protected] Profil: http://www.cac-netzwerk.de/profil -- You received this message because you are subscribed to the Google Groups "bareos-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. For more options, visit https://groups.google.com/d/optout.
smime.p7s
Description: S/MIME Cryptographic Signature
