- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
Enhanced Security Measures in Place: To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.
06-12-2016 03:10 AM
I have a Palo Alto PA-200 and the setup I'm trying to configure is as below.
06-12-2016 03:59 AM - edited 06-12-2016 04:43 AM
Can you explain what you mean by mail acess.
Are you receiving mail or users are using mail client to pull mail in from mail server?
06-12-2016 04:12 AM - edited 06-12-2016 04:29 AM
Create additional zone for ADSL links and the "LankaCom" (interfaces 3/3.62, 3/3.63, 3/3/64) and DMZ. And allow specific traffic you need. Make sure your routing table correct
06-12-2016 10:15 AM
Can you show us the routing table? I am assumping each DSL has it's own IP and interface. How are you telling the traffic what interface to go to? Are you using policy based routing? or doing static routes?
06-12-2016 09:22 PM
There are 2 mail servers in DMZ zone. One server for Admin staff and one for general staff. Only the ADSL links and the LankaCom link has the public IP's. LankaCom link is used for mail transfering to both servers. In case lankaCom link fails, ADSL links are used as backup links for each mail server.
06-12-2016 09:25 PM
VIRTUAL ROUTER: Default_SLT-FL-LAN (id 3)
==========
destination nexthop metric flags age interface next-AS
0.0.0.0/0 10.100.60.1 10 A S ethernet1/1.60
0.0.0.0/0 10.100.61.1 15 S ethernet1/1.61
10.100.60.0/24 10.100.60.254 0 A C ethernet1/1.60
10.100.60.254/32 0.0.0.0 0 A H
10.100.61.0/24 10.100.61.254 0 A C ethernet1/1.61
10.100.61.254/32 0.0.0.0 0 A H
192.168.15.0/24 192.168.45.254 10 A S ethernet1/2
192.168.20.0/24 192.168.45.254 10 A S ethernet1/2
192.168.30.0/24 192.168.45.254 10 A S ethernet1/2
192.168.45.0/24 192.168.45.253 0 A C ethernet1/2
192.168.45.253/32 0.0.0.0 0 A H
192.168.100.0/23 192.168.45.254 10 A S ethernet1/2
total routes shown: 12
VIRTUAL ROUTER: VR2_SLT-AD-LC (id 4)
==========
destination nexthop metric flags age interface next-AS
10.100.1.0/24 10.100.1.100 10 S ethernet1/3.62
10.100.1.0/24 10.100.1.253 0 A C ethernet1/3.62
10.100.1.253/32 0.0.0.0 0 A H
20.100.2.0/24 20.100.2.100 10 S ethernet1/3.63
20.100.2.0/24 20.100.2.253 0 A C ethernet1/3.63
20.100.2.253/32 0.0.0.0 0 A H
192.168.2.0/24 192.168.2.253 0 A C ethernet1/3.64
192.168.2.0/24 192.168.2.254 10 S ethernet1/3.64
192.168.2.253/32 0.0.0.0 0 A H
total routes shown: 9
06-12-2016 09:38 PM
I have used Policy based routing to transfer traffic through fiber links. Fiber links are working in failover mode. I have added a static route in core switch to transfer mail traffic to DMZ zone. But with what I'm experiencing, this route doesn't work since all the traffic are going through fiber links.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!