Member Avatar for i686-linux

Here is the setup:

I have a Solaris box running the amanda backup server for all of the Solaris and Linux machines. It can backup all of the machines on the private network just fine, but there is one Redhat Linux 7.3 machine that sites outside of the firewall in a DMZ. Punching a hole in the firewall to allow communication is absolutely not an option, so what I need to know is what would be the safest and most reliable way to create a tunnel from the Redhat box in the DMZ to the Solaris box inside? I have thought of using an SSH tunnel, but I don't know how reliable that is, or how to do this properly without creating a backdoor through the firewall. Any help would be greatly appreciated.

  • 2 Contributors
  • 3 Replies
  • 169 Views
  • 5 Days Discussion Span
  • Latest Post Latest Post by i686-linux

Recommended Answers

All 3 Replies

Member Avatar for TKSS

I would give openVPN a try. You can use UDP or TCP/IP ports for the tunnel and you can go cross platform from Solaris to Red Hat easily. I've had nothing but good things happen for my OpenVPN install and use.

http://openvpn.sourceforge.net/

Hope this is what you're looking for...it's a great prog.

Member Avatar for i686-linux

Thanks, I appreciate your quick response. I have used OpenVPN before, and yes it is a great solution but I was hoping for a simple solution, not quite so heavy as installing a full vpn solution. I was hoping for just some kind of solution using ppp/ssh, ssh tunneling, or something like that. One, for simplicity, two, I don't need full access to resources between the boxes, just one port (10080/udp), and three, the solaris box has no development tools. I suppose I could make a dirty attempt at cross-compiling for Sparc64 on my linux box, but would rather not try that. It leaves too much room for error. Maybe I'm asking too much from too little.

Member Avatar for i686-linux

This is all it took:

On internal machine:
#ssh -R 39:localhost:23 root@dmzmachine

On dmzmachine:
#telnet localhost 39
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.


SunOS 5.7

login:

I used telnet for an example, but now I can forward "anything."

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.