How To:Run Amanda Across a NAT Boundary: Difference between revisions
Jump to navigation
Jump to search
(Copied from Port NNNN is not secure) |
(removed Category:How To and added {{How To Header}}) |
||
Line 1: | Line 1: | ||
{{How To Header}} | |||
To get Amanda to work across a NAT (masquerade) boundry you need two things: | To get Amanda to work across a NAT (masquerade) boundry you need two things: | ||
Line 16: | Line 17: | ||
=Credits= | =Credits= | ||
This text was originally contributed to the AMANDA-FAQ-O-Matic by [email protected]. | This text was originally contributed to the AMANDA-FAQ-O-Matic by [email protected]. | ||
Latest revision as of 22:10, 22 May 2007
This article is a part of the How Tos collection.
To get Amanda to work across a NAT (masquerade) boundry you need two things:
1. set up a forwarding that preserves the reserved port (which is silly in this day and age). 10.0.0.4 is the Amanda Client, 172.30.2.42 is the Amanda Server, 10.0.0.6 is the NAT's external IP. My ipnat.conf:
map ex0 from 172.30.2.42 to 10.0.0.4 -> 10.0.0.6/32 portmap udp 600:800 map ex0 172.30.2.0/24 -> 10.0.0.6/32 portmap tcp/udp 1025:60000 map ex0 172.30.2.0/24 -> 10.0.0.6/32
2. Allow the transport stream. This happens on a high numbered TCP port thats randomly chosen for both endpoints. It took me a while to determine this. frags of my ipf.conf on the client: (These both have group tags that pulled the traffic from the particular interface.)
pass in proto udp from 10.0.0.0/28 to any port = amanda pass in proto tcp from 10.0.0.6 to 10.0.0.4 keep state
Credits
This text was originally contributed to the AMANDA-FAQ-O-Matic by [email protected].