0

Here is the setup:

I have a Solaris box running the amanda backup server for all of the Solaris and Linux machines. It can backup all of the machines on the private network just fine, but there is one Redhat Linux 7.3 machine that sites outside of the firewall in a DMZ. Punching a hole in the firewall to allow communication is absolutely not an option, so what I need to know is what would be the safest and most reliable way to create a tunnel from the Redhat box in the DMZ to the Solaris box inside? I have thought of using an SSH tunnel, but I don't know how reliable that is, or how to do this properly without creating a backdoor through the firewall. Any help would be greatly appreciated.

2
Contributors
3
Replies
4
Views
13 Years
Discussion Span
Last Post by i686-linux
0

I would give openVPN a try. You can use UDP or TCP/IP ports for the tunnel and you can go cross platform from Solaris to Red Hat easily. I've had nothing but good things happen for my OpenVPN install and use.

http://openvpn.sourceforge.net/

Hope this is what you're looking for...it's a great prog.

0

Thanks, I appreciate your quick response. I have used OpenVPN before, and yes it is a great solution but I was hoping for a simple solution, not quite so heavy as installing a full vpn solution. I was hoping for just some kind of solution using ppp/ssh, ssh tunneling, or something like that. One, for simplicity, two, I don't need full access to resources between the boxes, just one port (10080/udp), and three, the solaris box has no development tools. I suppose I could make a dirty attempt at cross-compiling for Sparc64 on my linux box, but would rather not try that. It leaves too much room for error. Maybe I'm asking too much from too little.

0

This is all it took:

On internal machine:
#ssh -R 39:localhost:23 root@dmzmachine

On dmzmachine:
#telnet localhost 39
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.


SunOS 5.7

login:

I used telnet for an example, but now I can forward "anything."

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.