<div dir="ltr">I've not used it for this, but maybe you should look into setting up a VPN between the two servers using OpenVPN. This is essentially the same as what you're looking at using SSH for, except it would actually be a real VPN instead of hacking some stuff through SSH port forwards.<br>
<br><div class="gmail_extra"><div><br>❧ Brian Mathis</div>
<br><br><div class="gmail_quote">On Mon, Sep 16, 2013 at 2:41 PM, Alex Carver <span dir="ltr"><<a href="mailto:agcarver+ale@acarver.net" target="_blank">agcarver+ale@acarver.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
I'm working on setting up a pair of systems that will need to have the storage volumes on one (file server) mounted by the other (application server). The first problem is they're both going to be on different subnets (no choice).<br>
<br>
I'd like to have a secure link between the two. I could set up NFS though that exposes the NFS server's ports to all machines (although I suppose I could also run iptables and allow only the app server through). I was thinking it might be possible to tunnel NFS (or something similar and suitable) via SSH. Then I only need the SSH port open on the server.<br>
<br>
The problem is that any document I find for tunneling NFS seems to be several years old.<br>
<br>
Thoughts?<br>
______________________________<u></u>_________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank">Ale@ale.org</a><br>
<a href="http://mail.ale.org/mailman/listinfo/ale" target="_blank">http://mail.ale.org/mailman/<u></u>listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" target="_blank">http://mail.ale.org/mailman/<u></u>listinfo</a><br>
</blockquote></div><br></div></div>