Solved

Setting up multiple DSL connections on SonicWall NSA250M

Posted on 2013-06-15
8
261 Views
Last Modified: 2014-09-04
Hi there, I am hoping somebody can help me. I have a SonicWall NSA250M and have recently acquired a second DSL line (our connection speed is poor). I have managed to add the new connection as the X3 interface and added it to the load balancing (round robin) group.

We can see the increased performance when browsing the net but I have a problem; when the second line is connected we lose the ability to send emails - is this an access group/routing issue? Also, if I go to a web browser and check my ip, I get both external ip's - this is not in itself a problem, but can I stop the second line broadcasting its ip?

Hope you can help.

Thanks

James
0
Comment
Question by:ilikeulike
  • 4
  • 2
  • 2
8 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 500 total points
ID: 39251934
Not sure what you mean by "broadcasting its ip".

However, when you go out the 2nd link, your firewell will NAT/PAT the IP address provided by your 2nd ISP.  So whenever you go out the 2nd link, you have your 2nd ISP's IP address.  Nothing you can do about this, because that is how it works.

As for sending e-mail.  It it all e-mail or just some e-mail?  I would expect  that you may have problems sometimes when your SMTP server tries to go out the second link.  The receiving side will see your domain/host name coming from your 2nd ISP's address.  If it does a forward lookup for your host/domain name it will not match.  Some SMTP servers will reject e-mail when this happens.
0
 

Author Comment

by:ilikeulike
ID: 39252975
hi there, you are correct, it is not all email, just email that presumably tries to go out on the X3 interface. This is when we get the error 550 relaying message.  Can i set up a rule to force email to use the original interface?

Thanks

James
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39254441
Not really familiar with SonicWall, I look at the doc but you should be able to.
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 39254938
It's probably the common https doesn't work with round robin load balancing. You either have to choose a percent mode or make rules to push all https traffic through one interface.
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 57

Expert Comment

by:giltjr
ID: 39256611
What does https have to do with SMTP traffic?

Anyhow.

It looks like Sonicwall support route policies.  So you can setup a route policy so that traffic from your SMTP server is forced out a specific interface.  You can either do all traffic from your SMTP server, or just port 25 traffic.

Example of screen shot is here:

http://www.mojocode.com/content/isolating-load-balanced-connection-sonicwall
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 39256643
Smtp is frequently done using ssl on port 587. So it's the same problem as https.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 39257385
Well yes, but in this case I doubt it.

When one SMTP server sends e-mail to another SMTP server it uses port 25 clear text.

Port 587 can be used by an e-mail client to send e-mail to its SMTP server using SSL.

I am making the assumption ilikeulike's problem deals SMTP server to SMTP server communications.

Although it is possible that ilikeulike hosts their SMTP server external to his company and their e-mail clients use 587 and SSL to communicate with it.

In which case the route policy would need to include all IP addresses trying to communicate to port 587.
0
 

Author Comment

by:ilikeulike
ID: 39258484
Hi guys, thanks for the great discussion. I will check out the routing rules today. To clarify, we have our Exchange server on our local network.
Thanks

James
0

Featured Post

Save on storage to protect fatherhood memories

You're the dad who has everything. This Father's Day, make sure your family memories are protected. My Passport Ultra has automatic backup and password protection to keep your cherished photos and videos safe. With up to 3TB, you have plenty of room to hold the adventures ahead.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now