I am trying to understand the possible solutions/mechanisms/ideas for
the following problem. I have a number of clients and a management
station as shown below.

Clients 1 to n <------> Router/FW with NAT 1 to m <--------> Mgmt Station

The management station maintains configuration for all the clients.
The management station should be able to reach any of the clients and
push configuration changes to the client (when the administrator wants to
change a client's configuration). And any client should be able to
pull the configuration from the management station either periodically
or when a user on the client requests to sync the configuration from
the management station.
Both the client and the mgmt station support certificate-based authentication
and will have to send the configuration data in an SSL tunnel. The
client's IP can change dynamically, and whenever the IP changes, the
client should be able to notify the management station of the
changed IP address.
Preferably, all of this should happen with minimal changes to the
existing FW and NAT rules. The NAT may have multiple levels.
Only the first NAT FW device may be in our control (as it belongs to
the enterprise), other NAT FWs may not be in our control.
Any possible solutions/mechanisms/ideas/pointers for further reading
would be greatly helpful to me.
Thanks a lot,
Raju MVR