On Wed, 10 Jan 2007, Nathaniel Hall wrote: > I have a master directory server behind a firewall that uses NAT. I > want to place a read only server behind a different firewall. The new > server does have a public IP address. Here is my setup: > > Master <--> Firewall (NAT) <--> Internet <--> Firewall <--> Read-Only > > My initial thought was to write a script (All done and works) that SSHs > to the RO server and creates local and remote SSH tunnels. That would > allow me to point the servers to localhost on specific ports so that > they would get redirect appropriately and securely. Right now I am > having problems getting them work the way I want them to. I had it > partially working yesterday, but they were synchronizing like a normal > system (out of SSH, over port 389). > > Does anybody have any ideas how this should be done securely? It is > going over the Internet, so security is a must. I've had decent luck using stunnel for this sort of thing. I've found it to work a lot more reliably than SSH tunnels.
