05-07-2017 11:45 AM - edited 05-07-2017 02:00 PM
I'm wondering if anyone has a similar setup and got it working. I'd like to have both SMTP services enabled on two ISPs for load-balancing and redundancy. I tried using PBF but couldn't get it working. It seems SMTP for ISP1 works fine but SMTP for ISP2 comes into the firewall but the application is incomplete. Which tells me the 3 way handshake is not completing. I took a pcap and didn't see any drops however. I followed the articles below as guidelines:
eth1/1.2 ISP1 1.1.1.1
eth 1/1.3 ISP2 2.2.2.2
Inside 10.1.1.1 - STMP server is 10.1.1.25
Security allows SMTP traffic to both ISPs
NATs for both ISPs (inbound and outbound on SMTP service)
Default route is 2.2.2.2
PBF to force symmetric return if interface comes in from from eth1/1.3
PBF forces browsing to 1.1.1.1
From what I can tell all the policies that I've defined are being hit and symmetric return is being acknowledged but the traffic is not going through. Traffic for ISP1 is identified as SMTP but for ISP2, it is incomplete.
I've got a TAC opened but also wanted to check with our awesome community!
Thanks folks!
05-07-2017 03:07 PM - edited 05-08-2017 01:01 AM
Hi @x,
do you have a single Virtual Router with attached both ISPs?
I suggest you to follow this article:
You need to follow this article without the VPN parts.
I have already done the same configuration you described and it works fine.
Let me know.
Jacopo
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
