2 to 1 Proxy

Keep in mind these are all public IP addresses....

I have two mail servers 123.123.123.1 and 123.123.123.2 off of Fast0/1 of a Cisco 7200. I have my Internet connection on Fast0/2. Using Cisco IOS w/ or w/o Firewall Image, is there a way to redirect SMTP traffic to 123.123.123.2 coming from a certain range on the Internet that's requesting 123.123.123.1?

Thanks

-pute


Can't you create an extended access list and apply it incoming on fa0/2? Create the list to direct all traffic from said range equaling port 25 to your .2 address. Then create your any/all port 25 traffic (for all non-matching addresses) to go to your .1 host.

-beckteck


The easiest way to load balance traffic to two SMTP servers is to use the same metric for both servers in the DNS MX records for the domains.

Scott


Can create access lists to allow or deny from and to but don't know how to "direct" them. If you had an example, I could pick up on it.

Thanks

-pute

beckteck wrote:


Scott,

I'm not looking to load balance, but actually set up two mail servers dedicated for two ranges of IPs. Both ranges think there is only one mail server (which is what I want) so I need to filter the traffic and redirect it accordingly.

I have plenty of Cisco gear and spare servers to play with. Would like to see if I can accomplish this without buying different appliances or software.

Thanks

-pute

Thrill5 wrote:


I know of no way to do this without a real proxy device, like a CSS. The other alternative is to use a "view" on your DNS server so that one "view" (set of source IP's) gives out one MX record, and another "view", (default set) gives out a different MX record.

What are you really trying to do? Is one for Internal users and another for Internet users? That is the only reason I can think of for trying to do what you are asking. If this is the case then there are many different ways to solve this problem, but the actual implementation would be based on your current network/FW/NAT configuration.

It would also be helpful if you explained why you are trying to do this. Maybe someone could come up with a better and simpler solution than this.

Scott
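
The DNS "view" alternative described in the post above, sketched as a BIND 9 `named.conf` fragment. This is an added example, not configuration posted in the thread; the zone `example.com`, the source range `198.51.100.0/24`, the file paths and the host names `mail1`/`mail2` are constructed placeholders.

```conf
// named.conf fragment (BIND 9). Constructed placeholders: example.com,
// 198.51.100.0/24, zone file paths, mail host names.

acl "special_senders" {
    198.51.100.0/24;        // the "certain range" that should get the other MX
};

// Views are tried in order and the first match wins, so the specific
// view must come before the catch-all.
view "special" {
    match-clients { special_senders; };
    recursion no;
    zone "example.com" {
        type master;
        file "zones/special/example.com.zone";
        // This copy of the zone carries:
        //   example.com.  IN MX 10 mail2.example.com.
        //   mail2         IN A  123.123.123.2
    };
};

view "default" {
    match-clients { any; };
    recursion no;
    zone "example.com" {
        type master;
        file "zones/default/example.com.zone";
        // This copy of the zone carries:
        //   example.com.  IN MX 10 mail1.example.com.
        //   mail1         IN A  123.123.123.1
    };
};

// Once any view is defined, every zone statement must live inside a view.
// match-clients is evaluated against the source address of the DNS query,
// which is normally the sender's recursive resolver, not the sending mail
// server itself, so the selection is only as accurate as that mapping.
```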


We have a mail server with a public IP that runs SMTP / POP3. Our customers (they are inside our network) use this server for both incoming and outgoing mail. We outsource to a mail filtering service (our MX records point to their servers), so we currently have in our edge-router's access-lists to only allow SMTP from the mail filtering company's IPs. This blocks the rest of the world from seeing our mail server's port 25.

I now have a need for the outside world to be able to see port 25 on this mail server, but I don't want to expose the "real" server, instead would like to set up another one that will answer to anyone's request on port 25 (just the MOTD.)

As well in the future, I plan on redirecting all of our internal traffic requesting a port on a range of servers to a different server. This is similar, but is probably easier, since there is not a conditional element in the mix.

Thanks

-pute

Thrill5 wrote:
