Hi everyone, I'm have experienced some problems since a installed a second ISP on my network.
ISP1 1 1 main eth0 xxx.xxx.xxx.xxx track,balance=1 eth2,eth3 ISP2 2 2 main eth1 xxx.xxx.xxx.xxx track,balance=3 eth2,eth3 ISP1 = 2Mbit / 13 valid ips ISP2 = 4Mbit / 5 valid ips I want to use just ISP2 for all outgoing connections. However, my SMTP messages must use one of ISP1 valid IPs. Moreover, ISP1 must take over if the primary link fails. I tried to use this configuration in tcrules file: MARK SOURCE DEST PROTO PORT(S) CLIENT USER TEST # PORT(S) 1:P 192.168.1.2 0.0.0.0/0 tcp smtp,smtps # FOR SMTP MAIL SERVER My masq file is working like this: #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK eth1 0.0.0.0/0 xxx.xxx.xxx.xxx eth0 0.0.0.0/0 xxx.xxx.xxx.xxx eth0:2 192.168.1.2 xxx.xxx.xxx.xxx tcp smtp,smtps # FOR SMTP MAIL SERVER At this moment, I'm having problems sending e-mails to other servers. Thanks for your help. Best regards, João ------------------------------------------------------------------------------ Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
