Back here now... On Tue, May 15, 2012 at 8:53 AM, Richard McClary <[email protected]>wrote:
> The external FQDN for the gateway is “faxcore1.mwro.aspca.org”. > I see this from here. > There is an MX record for “faxcore1.mwro.” with the data entry > “faxcore1.mwro.aspca.org.” (priority of 10). > I believe I just beat this issue to death in my previous message. This is MIP’d in through our firewall to the IP address for > “faxcore1.aspca.local”. > What does "MIP" mean? Port forwarding? Something fancier? What is the IP address for <faxcore1.aspca.local.>. (I realize it's probabbly an RFC-1918 private address, but to figure out what's wrong we're going to need to understand your network topology.) > There is an MX record “faxcore1.aspca.local”. > Explain this more, please. You can't have a DNS record with just one piece of information. > However, with the internet connection “broken”, all our MIP’d DNS entries > had no way back into our firewall. > Please explain "our MIP’d DNS entries had no way back into our firewall". Keep in mind that I don't know your firewall configuration, network topology, or (in all likelihood) the vendor-specific terminology your firewall vendor uses. > faxcore2.mwro A 38.96.187231**** > I presume this really means: faxcore2.mwro.aspca.org. A 38.96.187.231 > faxcore1.mwro. MX 20 faxcore2.mwro.aspca.org.**** > Again, if that trailing dot really is there, that DNS record is doing nothing useful. That could be your problem right there. Since you're trying to tell the world that <faxcore1.mwro.aspca.org.> is reachable by two different mail exchangers, the A record behavior I explained previously is no longer sufficient. > The NYC firewall has the 38.x.x.x address MIP’d and has the same policy > settings as the Illinois firewall. > That's really unclear. Are you trying to say the firewall at 38.96.187.231 has a port forwarding rule, such that inbound traffic on TCP/25 is forwarded from your NYC firewall to your Illinois fax server's private IP address, routed via your WAN cloud? (It might help if you gave us IP addresses here, too.) > **** > (FWIW, I’ve also added an MX record, priority 25, for > faxcore2.aspca.local. .) > See previous remark on explaining MX records. :) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
