Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Setting up multiple DSL connections on SonicWall NSA250M

Posted on 2013-06-15
8
263 Views
Last Modified: 2014-09-04
Hi there, I am hoping somebody can help me. I have a SonicWall NSA250M and have recently acquired a second DSL line (our connection speed is poor). I have managed to add the new connection as the X3 interface and added it to the load balancing (round robin) group.

We can see the increased performance when browsing the net but I have a problem; when the second line is connected we lose the ability to send emails - is this an access group/routing issue? Also, if I go to a web browser and check my ip, I get both external ip's - this is not in itself a problem, but can I stop the second line broadcasting its ip?

Hope you can help.

Thanks

James
0
Comment
Question by:ilikeulike
  • 4
  • 2
  • 2
8 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 500 total points
ID: 39251934
Not sure what you mean by "broadcasting its ip".

However, when you go out the 2nd link, your firewell will NAT/PAT the IP address provided by your 2nd ISP.  So whenever you go out the 2nd link, you have your 2nd ISP's IP address.  Nothing you can do about this, because that is how it works.

As for sending e-mail.  It it all e-mail or just some e-mail?  I would expect  that you may have problems sometimes when your SMTP server tries to go out the second link.  The receiving side will see your domain/host name coming from your 2nd ISP's address.  If it does a forward lookup for your host/domain name it will not match.  Some SMTP servers will reject e-mail when this happens.
0
 

Author Comment

by:ilikeulike
ID: 39252975
hi there, you are correct, it is not all email, just email that presumably tries to go out on the X3 interface. This is when we get the error 550 relaying message.  Can i set up a rule to force email to use the original interface?

Thanks

James
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39254441
Not really familiar with SonicWall, I look at the doc but you should be able to.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39254938
It's probably the common https doesn't work with round robin load balancing. You either have to choose a percent mode or make rules to push all https traffic through one interface.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39256611
What does https have to do with SMTP traffic?

Anyhow.

It looks like Sonicwall support route policies.  So you can setup a route policy so that traffic from your SMTP server is forced out a specific interface.  You can either do all traffic from your SMTP server, or just port 25 traffic.

Example of screen shot is here:

http://www.mojocode.com/content/isolating-load-balanced-connection-sonicwall
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39256643
Smtp is frequently done using ssl on port 587. So it's the same problem as https.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 39257385
Well yes, but in this case I doubt it.

When one SMTP server sends e-mail to another SMTP server it uses port 25 clear text.

Port 587 can be used by an e-mail client to send e-mail to its SMTP server using SSL.

I am making the assumption ilikeulike's problem deals SMTP server to SMTP server communications.

Although it is possible that ilikeulike hosts their SMTP server external to his company and their e-mail clients use 587 and SSL to communicate with it.

In which case the route policy would need to include all IP addresses trying to communicate to port 587.
0
 

Author Comment

by:ilikeulike
ID: 39258484
Hi guys, thanks for the great discussion. I will check out the routing rules today. To clarify, we have our Exchange server on our local network.
Thanks

James
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Non Distrubtive Core Switch Repacement 8 32
Help logging in to my router 12 57
Monitor Bandwidth throughput in Fortigate 100D 1 35
Sonicwall guest user accounts 2 21
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question