On 6/26/20 10:06 AM, Norman Henderson wrote: > Hello! We have an external IP on a gateway server outside the > organization that receives SMTP Email from a spam filter provider, and > forwards it to an internal server over VPN using DNAT: > > DNAT Dirty:<our spam filter provider IP> CEM01:10.0.69.5 tcp > 25,465 - <our public IP that is allowed to receive from the spam > filter provider> > > The thing is that we now have two internal Email servers. Inside the > organization, DNS round-robin takes care of ensuring client access to > whichever server is available. > > Is there any way to DNAT to two different internal IP addresses? Or how > should I approach this? >
If the internal IP addresses are consecutive, you can specify <ip1>-<ip2> as the server ip address in the DEST column. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster Shoreline, \ with an international standard? Washington, USA \ A: Someone who makes you an offer you http://shorewall.org \ can't understand \________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
