| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
We are currently in the process of upgrading from a Windows 2000, NG FP3 server to a cluster of 2 splat boxes running ClusterXL with 2 * 10MB Internet feeds, which are load balanced. These obviously have a subnet each. I have recreated all the objects and rules and everything looks to be working fine. The only thing I am yet to set up is the email. On our old system we have a Mailsweeper server that we NAT behind one of the public IP addresses in the same range as the fw and router. The MX record is the NATed IP of the Mailsweeper server. My question: how do I configure the rules and the NAT on the cluster so we can send/receive email and have failover between the two fws?

The NAT is configured so that you have two Dynamic objects called ISP_A and ISP_B. You then create the dynamic objects on the Nodes.

Your outbound NAT rules are thus:

- Src = MailServer_Int Dst = ISP_A xlatesrc = Mailserver_Ext_ISP_A xlatedst = Original
- Src = MailServer_Int Dst = ISP_B xlatesrc = Mailserver_Ext_ISP_B xlatedst = Original

Inbound NAT is:

- Src = Any Dst = MailServer_Ext_ISP_A xlatesrc = Original xlatedst = MailServer_Int
- Src = Any Dst = MailServer_Ext_ISP_B xlatesrc = Original xlatedst = MailServer_Int

Security Rules are:

- Any MailServer_Ext_ISP_A smtp accept
- Any MailServer_Ext_ISP_B smtp accept
- MailServer_Int Any smtp accept

Read the document PDFs carefully and also the knowledgebase regarding Static NAT and ISP Redundancy.

These rules allow the traffic through; they do not take care of the DNS itself. This is configured under the ISP Redundancy; however, it requires the DNS to be hosted inside, either that or just use a primary and secondary DNS record at your ISP. It won't load balance but it will give failover.
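
The "primary and secondary DNS record" option from the reply above, sketched as a zone fragment. This is an added example, not part of the original thread; the domain `example.com`, the host names `mail-a`/`mail-b`, the TTL and the addresses (RFC 5737 documentation ranges) are constructed placeholders standing in for the two NATed external addresses.

```dns
; Constructed example: two MX records, one per ISP subnet.
; Replace the placeholder names and addresses with your own values.
$ORIGIN example.com.
$TTL 300                        ; assumed short TTL so record changes propagate quickly

; Lower preference value is tried first; the higher one is the fallback.
@        IN  MX  10  mail-a     ; primary: reached through the first ISP link
@        IN  MX  20  mail-b     ; secondary: reached through the second ISP link

; Each name resolves to the external NAT address on that ISP's subnet.
mail-a   IN  A   192.0.2.25     ; placeholder for MailServer_Ext_ISP_A
mail-b   IN  A   198.51.100.25  ; placeholder for MailServer_Ext_ISP_B
```

Sending mail servers deliver to the lowest-preference MX that answers, so inbound mail moves to the second link only when the first address is unreachable, which matches the failover-without-load-balancing behaviour described in the reply.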