We've tried this 10 different ways; so far it has not worked.
Current config is two pfsense 1.22 firewalls with CARP, two WAN
connections (not load balanced or failover) (covad & att), with a DMZ
interface where our mail and other internet servers live.
I want the mail server to only make SMTP connections using the AT&T
interface, but it defaults to using the WAN interface (on the Covad). We
route all generic traffic over the covad 10mb wan link (the default) and
for server-to-server traffic (such as Iron Mountain backups) we route to
a specific ip block or address over the AT&T interface.
It is obvious how to do this with a static route when you have a
specific address or block to communicate with, but to say "all traffic
'from this DMZ address to anywhere' should be transmitted via the AT&T
link" is not working.
A posting on this same subject on the forum (by my 'nix admin guy):
http://forum.pfsense.org/index.php/topic,17066.0.html
- Joel
Chris Buechler wrote:
On Tue, Jun 16, 2009 at 1:37 PM, JJB<[email protected]> wrote:
Yes, setup your rules on the interface with the mail server accordingly.
I don't know how to set up pfsense to bind the mail server to the AT&T
network interface instead of the Covad, can someone provide me with details
of how this would be done? It doesn't look like static routes would work
since the mail server needs to talk to an unlimited # of machines on the
internet.
Just add a firewall rule matching traffic from the mail server and
select the appropriate gateway or failover pool.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
Commercial support available - https://portal.pfsense.org
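The rule suggested in the reply above, written out as a pf.conf fragment. This is an added example, not part of the original thread and not pfSense's generated ruleset. Interface names, addresses and macro names are constructed placeholders, and matching only TCP port 25 is an assumption taken from the stated goal of steering SMTP.

```pf
# Constructed placeholders: substitute your own interfaces and addresses.
dmz_if   = "em2"             # DMZ interface where the mail server lives
att_if   = "em1"             # second WAN (AT&T)
att_gw   = "203.0.113.1"     # next hop on the AT&T link
mail_srv = "192.0.2.25"      # mail server's DMZ address

# Networks reachable without leaving the firewall (LAN, DMZ).
table <local_nets> const { 192.0.2.0/24, 198.51.100.0/24 }

# 1. Traffic from the mail server to local networks follows the normal
#    routing table. This rule sits above the policy-routing rule so that
#    internal destinations are not forced out the AT&T gateway.
pass in quick on $dmz_if from $mail_srv to <local_nets> keep state

# 2. Outbound SMTP from the mail server is handed to the AT&T gateway
#    regardless of the default route. The match is on the DMZ interface,
#    where the traffic enters the firewall, not on either WAN.
pass in quick on $dmz_if route-to ($att_if $att_gw) inet proto tcp \
    from $mail_srv to any port 25 flags S/SA keep state

# 3. Everything else from the DMZ keeps using the default (Covad) route.
pass in quick on $dmz_if from $dmz_if:network to any keep state
```

A static route selects a path by destination, which is why it cannot express "from this host to anywhere"; a rule with a gateway selects the path by whatever the rule matches, here the source address and port.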