Solved

Setting up multiple DSL connections on SonicWall NSA250M

Posted on 2013-06-15
8
267 Views
Last Modified: 2014-09-04
Hi there, I am hoping somebody can help me. I have a SonicWall NSA250M and have recently acquired a second DSL line (our connection speed is poor). I have managed to add the new connection as the X3 interface and added it to the load balancing (round robin) group.

We can see the increased performance when browsing the net but I have a problem; when the second line is connected we lose the ability to send emails - is this an access group/routing issue? Also, if I go to a web browser and check my ip, I get both external ip's - this is not in itself a problem, but can I stop the second line broadcasting its ip?

Hope you can help.

Thanks

James
0
Comment
Question by:ilikeulike
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 57

Assisted Solution

by:giltjr
giltjr earned 500 total points
ID: 39251934
Not sure what you mean by "broadcasting its ip".

However, when you go out the 2nd link, your firewell will NAT/PAT the IP address provided by your 2nd ISP.  So whenever you go out the 2nd link, you have your 2nd ISP's IP address.  Nothing you can do about this, because that is how it works.

As for sending e-mail.  It it all e-mail or just some e-mail?  I would expect  that you may have problems sometimes when your SMTP server tries to go out the second link.  The receiving side will see your domain/host name coming from your 2nd ISP's address.  If it does a forward lookup for your host/domain name it will not match.  Some SMTP servers will reject e-mail when this happens.
0
 

Author Comment

by:ilikeulike
ID: 39252975
hi there, you are correct, it is not all email, just email that presumably tries to go out on the X3 interface. This is when we get the error 550 relaying message.  Can i set up a rule to force email to use the original interface?

Thanks

James
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39254441
Not really familiar with SonicWall, I look at the doc but you should be able to.
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39254938
It's probably the common https doesn't work with round robin load balancing. You either have to choose a percent mode or make rules to push all https traffic through one interface.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39256611
What does https have to do with SMTP traffic?

Anyhow.

It looks like Sonicwall support route policies.  So you can setup a route policy so that traffic from your SMTP server is forced out a specific interface.  You can either do all traffic from your SMTP server, or just port 25 traffic.

Example of screen shot is here:

http://www.mojocode.com/content/isolating-load-balanced-connection-sonicwall
0
 
LVL 39

Expert Comment

by:Aaron Tomosky
ID: 39256643
Smtp is frequently done using ssl on port 587. So it's the same problem as https.
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 39257385
Well yes, but in this case I doubt it.

When one SMTP server sends e-mail to another SMTP server it uses port 25 clear text.

Port 587 can be used by an e-mail client to send e-mail to its SMTP server using SSL.

I am making the assumption ilikeulike's problem deals SMTP server to SMTP server communications.

Although it is possible that ilikeulike hosts their SMTP server external to his company and their e-mail clients use 587 and SSL to communicate with it.

In which case the route policy would need to include all IP addresses trying to communicate to port 587.
0
 

Author Comment

by:ilikeulike
ID: 39258484
Hi guys, thanks for the great discussion. I will check out the routing rules today. To clarify, we have our Exchange server on our local network.
Thanks

James
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question