Solved

Problems using two WAN-Interfaces (Policy Based Routing) on ASTARO ASG120

Posted on 2008-06-24
3
1,482 Views
Last Modified: 2008-06-27
Following scenario:

On our Astaro ASG120 we've got these Interface-Configuration:

ETH0 = Internal Network
ETH1 is the default internet connection. We receive SMTP-Mails over the fixed ip and forward them to our "internal" Exchange Server.
ETH2 is a dial up adsl connection that we use for web surfing.

The problem is, how can i achieve that http and ftp traffic (after they have passed the web filter/proxy) uses the fast Internet Connection on ETH2. I tried to create Policy Based Routing Rules i.e.

HTTP / HTTPS / FTP from INTERNAL Network with ANY DESTINATION use ETH2.

But these rules does't have any effect. Web-Traffic still runs on ETH1.
0
Comment
Question by:sam_berlin
  • 2
3 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 21861999
What version of the ASG software are you using?
0
 
LVL 57

Accepted Solution

by:
giltjr earned 250 total points
ID: 21862017
Have you followed:

http://portal.knowledgebase.net/display/2n/kb/article.asp?aid=202274&n=3&s=1

If you are using both the smtp and http proxy, then you seem to be out of luck.  According to the above if you are using the proxy, you can't policy route for that protocol.  You need to setup the default route based on which interface you want the proxied traffic to use and then policy route the other traffic to the other interface.

Since you want smtp traffic to go out one interface and http another, if you are using the proxy for both you can accomplish this.

Now if you are just using the proxy for one, or not at all.  Then policy based routing should work.
0
 

Author Comment

by:sam_berlin
ID: 21882911
Thanks for your answer. As a workaround we now use just the ADSL-Connection as the standard gateway and send outgoing emails via smarthost.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now