Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

NATing to a machine situated over a VPN

Posted on 2008-10-14
5
Medium Priority
?
303 Views
Last Modified: 2013-11-16
We have our data centre connected via a WES to our head office and mail server.  When this link fails we have a VPN configured for use as failover.

Our MX record points towards the data centre so I am wondering if there is a way that when the WES fails I am still able to use get mail to the mail server that now resides over a VPN?
0
Comment
Question by:wanstor
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 32

Expert Comment

by:dpk_wal
ID: 22717874
As I understand you normally use the MX IP which is a public IP to get your emails when your normal web connection is available; when the connection fails as you are VPN tunnel I think you need to use internal IP of server, rather than the public IP; if this is the case, you can configure your DNS to resolve the mail server on private IP as well; this would ensure that the clients would try both the IP addresses.

Thank you.
0
 
LVL 8

Expert Comment

by:Jay_Gridley
ID: 22719639
You could try creating a second MX record with a higher prio. The lowest prio will be tried first. If it's succesful then it's delivered. If it's unsuccesful it will try the next IP.

I'm not completely sure I understood the question correctly, but I think this the solution you are looking for.

JG
0
 
LVL 1

Author Comment

by:wanstor
ID: 22719722
I am aware that I can have a secondary MX record and I have that in place.  It's more so the idea of having an external address at our data centre NAT'ed from a machine down a VPN.  



Remote Site-------------------------------Data Centre
                                 VPN
Internal Server IP                                  External IP
192.168.1.1----------------------------------1.1.1.1


       
0
 
LVL 8

Expert Comment

by:Jay_Gridley
ID: 22719771
I don't quite understand why you would do that. Maybe I still don't quite understand your question....

I would think that you would have the external IP address for your mailserver as your 'primary' MX and the internal IP address (i.e. the address that would be able to reach over the tunnel) as your 'secondary 'MX.

This way when your server is unreachable over it's external IP it would fall back to it's secondary, the internal IP and go through the tunnel.
0
 
LVL 1

Accepted Solution

by:
wanstor earned 0 total points
ID: 22722575
This is one of our clients sites and they have a 100mb WES to the data centre which has an equal pipe to the web as opposed to ADSL.
0

Featured Post

Veeam Task Manager for Hyper-V

Task Manager for Hyper-V provides critical information that allows you to monitor Hyper-V performance by displaying real-time views of CPU and memory at the individual VM-level, so you can quickly identify which VMs are using host resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question