Solved

SonicWall NAT

Posted on 2014-03-07
6
353 Views
Last Modified: 2014-03-10
Hello Experts!

I have a working NSA2400 with failover (ATT & Comcast).

All my inbound mail flows via ATT (X1) and outbound via Comcast (X5). I would like to have outbound mail also flow via (X1) instead of going through the other NAT on X5.

How can that be adjusted?

Thanks much!

Marek
0
Comment
Question by:maredzki
  • 2
  • 2
  • 2
6 Comments
 
LVL 15

Assisted Solution

by:Perarduaadastra
Perarduaadastra earned 100 total points
ID: 39913736
Just set an outbound rule for SMTP traffic to go out on the X1 interface.

However, if you're running your own mail server you will need to adjust your MX records to include the X1 public IP address, or you'll find that your mailserver gets star billing on numerous RBLs.
0
 
LVL 8

Accepted Solution

by:
N-W earned 400 total points
ID: 39916581
This is more of a routing question because the Sonicwall automatically creates the NAT rules for WAN connections when you initially set them up. All you should need to do is add a static route for the X1 interface.

Login to your management interface, go to Network --> Routing and create a new entry with the following details:

Source: (Your mail server)
Destination: Any
Service: SMTP
Gateway: X1 Default Gateway
Interface: 1
Metric: 1
Disable route when the interface is disconnected: Checked

This will make all outbound SMTP go through X1 (ATT) and will still allow outbound SMTP through X5 (Comcast) in case the X1 WAN link is down.

As Perarduaadastra has mentioned, you will need to change DNS records but this should be a PTR record, not MX. You'll need to contact your ISP for them to change the PTR for your public IP address to something like "mail.mydomain.com".
0
 
LVL 2

Author Closing Comment

by:maredzki
ID: 39917796
Thanks to both of you for the answer.

Marek
0
Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

 
LVL 2

Author Comment

by:maredzki
ID: 39918398
N-W, in your notes about
Interface: 1
, should that actually say X1?

Marek
0
 
LVL 8

Expert Comment

by:N-W
ID: 39918920
Yes, that should say X1.
0
 
LVL 15

Expert Comment

by:Perarduaadastra
ID: 39918921
N-W, I stand corrected. I should have indeed said that the PTR record needs to be updated, not the MX one.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We sought a budget ($5,000) firewall solution that would provide all the performance we needed with no single point of failure.  Hosting a SAAS web application in our datacenter, it was critical that we find a way to keep connectivity up and inbound…
Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now