wanstor
asked on
NATing to a machine situated over a VPN
We have our data centre connected via a WES to our head office and mail server. When this link fails we have a VPN configured for use as failover.
Our MX record points towards the data centre so I am wondering if there is a way that when the WES fails I am still able to use get mail to the mail server that now resides over a VPN?
Our MX record points towards the data centre so I am wondering if there is a way that when the WES fails I am still able to use get mail to the mail server that now resides over a VPN?
You could try creating a second MX record with a higher prio. The lowest prio will be tried first. If it's succesful then it's delivered. If it's unsuccesful it will try the next IP.
I'm not completely sure I understood the question correctly, but I think this the solution you are looking for.
JG
I'm not completely sure I understood the question correctly, but I think this the solution you are looking for.
JG
ASKER
I am aware that I can have a secondary MX record and I have that in place. It's more so the idea of having an external address at our data centre NAT'ed from a machine down a VPN.
Remote Site---------------------- ---------D ata Centre
VPN
Internal Server IP External IP
192.168.1.1--------------- ---------- ---------1 .1.1.1
Remote Site----------------------
VPN
Internal Server IP External IP
192.168.1.1---------------
I don't quite understand why you would do that. Maybe I still don't quite understand your question....
I would think that you would have the external IP address for your mailserver as your 'primary' MX and the internal IP address (i.e. the address that would be able to reach over the tunnel) as your 'secondary 'MX.
This way when your server is unreachable over it's external IP it would fall back to it's secondary, the internal IP and go through the tunnel.
I would think that you would have the external IP address for your mailserver as your 'primary' MX and the internal IP address (i.e. the address that would be able to reach over the tunnel) as your 'secondary 'MX.
This way when your server is unreachable over it's external IP it would fall back to it's secondary, the internal IP and go through the tunnel.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Thank you.