I have a master directory server behind a firewall that uses NAT. I want to place a read only server behind a different firewall. The new server does have a public IP address. Here is my setup: Master <--> Firewall (NAT) <--> Internet <--> Firewall <--> Read-Only My initial thought was to write a script (All done and works) that SSHs to the RO server and creates local and remote SSH tunnels. That would allow me to point the servers to localhost on specific ports so that they would get redirect appropriately and securely. Right now I am having problems getting them work the way I want them to. I had it partially working yesterday, but they were synchronizing like a normal system (out of SSH, over port 389). Does anybody have any ideas how this should be done securely? It is going over the Internet, so security is a must. -- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA
