Hi all trying to setup some redunancy and I wanted to know if the following was possible. I will try and diagram it as best as I can using ascii
ISP1 ISP2 | | | | Cisco PIX ----- DMZ ------ Netscreen25 | | | | ----------------------------------------------- | | LAN over several VLAN's
So, can I basically have the one DMZ pointing to two DMZ interfaces on two firewalls? I want it so that mail will flow no mater what. I will get my ISP to add another MX record pointing to my ISP2 public IP so if ISP1 goes down I will still get mail and be able to send mail. I have a MailMarshal SPAM server in the DMZ and it just uses DNS to ensure a connection is active (so I believe), I can then just add a static route pointing the DNS for ISP2 to the Netscreen on the Spam server. The default route on this server is set to go to the DMZ interface of the PIX. I also have a Squid proxy server in the DMZ and want to try and do something similar so I have internet redundancy
Any comments or suggestions would be most welcome
Scott