Nico Pagliaro wrote: > Ok, I will explain why I need this > > I have 2 ISP and 2 firewall and I want to have 2 MX records, one per > firewall/ISP > So, the map look like this > > ISP1/FW1 > 192.168.0.1 <http://192.168.0.1> > > > LAN MailSrvr 192.168.0.110 <http://192.168.0.110> > (deafult gw 192.168.0.1 <http://192.168.0.1>) > > ISP2/FW2 192.168.0.4 <http://192.168.0.4> > > > The problem is that the Mail server have 1 default gw, 192.168.0.1 > <http://192.168.0.1> and when a packet comes from ISP2 the mail server > return the packet to the ISP1 because the default gw. This happens > because the mail server receive a packet from a External IP, so the > connection SYN_SENT in my mail server is to a external IP.- > So, how can I fix it? I think that one solution is that all the > connection to the mail server thought FW1 or FW2 are masq with the > internal IP, in the situation the mail sevrer CAN return the packet to > the Internal IP.
If the mail server is a Linux machine, you could run Shorewall-perl 4.2.0 on the mail server and use the new feature that allows two or more providers through a single interface (your two firewalls would be the two providers). Or you could use Shorewall multi-ISP support and only have one firewall that serves both ISPs. -Tom -- Tom Eastep \ The ultimate result of shielding men from the Shoreline, \ effects of folly is to fill the world with fools. Washington, USA \ -Herbert Spencer http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
