2 to 1 Proxy

Discussion in 'Cisco' started by putegrain@gmail.com, Aug 28, 2006.

  1. Guest

    Keep in mind these are all public IP addresses....

    I have two mail servers 123.123.123.1 and 123.123.123.2 off of Fast0/1
    of a Cisco 7200. I have my Internet connection on Fast0/2. Using
    Cisco IOS w/ or w/o Firewall Image, is there a way to redirect SMTP
    traffic to 123.123.123.2 coming from a certain range on the Internet
    that's requesting 123.123.123.1?

    Thanks

    -pute
    , Aug 28, 2006
    #1
    1. Advertising

  2. beckteck Guest

    Can't you create an extended accesslist and apply it incoming on fa0/2.
    Create the list to direct all traffic from said range equaling port 25
    to your .2 address. Then create your any/all port 25 traffic (for all
    non matching addresses) to go to your .1 host.

    -beckteck

    wrote:
    > Keep in mind these are all public IP addresses....
    >
    > I have two mail servers 123.123.123.1 and 123.123.123.2 off of Fast0/1
    > of a Cisco 7200. I have my Internet connection on Fast0/2. Using
    > Cisco IOS w/ or w/o Firewall Image, is there a way to redirect SMTP
    > traffic to 123.123.123.2 coming from a certain range on the Internet
    > that's requesting 123.123.123.1?
    >
    > Thanks
    >
    > -pute
    beckteck, Aug 28, 2006
    #2
    1. Advertising

  3. Thrill5 Guest

    "beckteck" <> wrote in message
    news:...
    > Can't you create an extended accesslist and apply it incoming on fa0/2.
    > Create the list to direct all traffic from said range equaling port 25
    > to your .2 address. Then create your any/all port 25 traffic (for all
    > non matching addresses) to go to your .1 host.
    >
    > -beckteck
    >
    > wrote:
    >> Keep in mind these are all public IP addresses....
    >>
    >> I have two mail servers 123.123.123.1 and 123.123.123.2 off of Fast0/1
    >> of a Cisco 7200. I have my Internet connection on Fast0/2. Using
    >> Cisco IOS w/ or w/o Firewall Image, is there a way to redirect SMTP
    >> traffic to 123.123.123.2 coming from a certain range on the Internet
    >> that's requesting 123.123.123.1?
    >>
    >> Thanks
    >>
    >> -pute

    >

    The easiest way to load balance traffic to two SMTP servers is to use the
    same metric for both servers in the DNS MX records for the domains.

    Scott
    Thrill5, Aug 29, 2006
    #3
  4. Guest

    Can create access lists to allow or deny from and to but don't know how
    to "direct" them. If you had an example, I could pick up on it.

    Thanks

    -pute


    beckteck wrote:
    > Can't you create an extended accesslist and apply it incoming on fa0/2.
    > Create the list to direct all traffic from said range equaling port 25
    > to your .2 address. Then create your any/all port 25 traffic (for all
    > non matching addresses) to go to your .1 host.
    >
    > -beckteck
    >
    > wrote:
    > > Keep in mind these are all public IP addresses....
    > >
    > > I have two mail servers 123.123.123.1 and 123.123.123.2 off of Fast0/1
    > > of a Cisco 7200. I have my Internet connection on Fast0/2. Using
    > > Cisco IOS w/ or w/o Firewall Image, is there a way to redirect SMTP
    > > traffic to 123.123.123.2 coming from a certain range on the Internet
    > > that's requesting 123.123.123.1?
    > >
    > > Thanks
    > >
    > > -pute
    , Aug 29, 2006
    #4
  5. Guest

    Scott,

    I'm not looking to load balance, but actually setup two mail servers
    dedidcated for two ranges of IPs. Both ranges think their is only one
    mail server (which is what I want) so I need to filter the traffic and
    redirect it accordingly.

    I have plenty of Cisco gear and spare servers to play with. Would like
    to see if I can accomplish this without buying different appliances or
    software.

    Thanks

    -pute


    Thrill5 wrote:
    > "beckteck" <> wrote in message
    > news:...
    > > Can't you create an extended accesslist and apply it incoming on fa0/2.
    > > Create the list to direct all traffic from said range equaling port 25
    > > to your .2 address. Then create your any/all port 25 traffic (for all
    > > non matching addresses) to go to your .1 host.
    > >
    > > -beckteck
    > >
    > > wrote:
    > >> Keep in mind these are all public IP addresses....
    > >>
    > >> I have two mail servers 123.123.123.1 and 123.123.123.2 off of Fast0/1
    > >> of a Cisco 7200. I have my Internet connection on Fast0/2. Using
    > >> Cisco IOS w/ or w/o Firewall Image, is there a way to redirect SMTP
    > >> traffic to 123.123.123.2 coming from a certain range on the Internet
    > >> that's requesting 123.123.123.1?
    > >>
    > >> Thanks
    > >>
    > >> -pute

    > >

    > The easiest way to load balance traffic to two SMTP servers is to use the
    > same metric for both servers in the DNS MX records for the domains.
    >
    > Scott
    , Aug 29, 2006
    #5
  6. Thrill5 Guest

    <> wrote in message
    news:...
    > Scott,
    >
    > I'm not looking to load balance, but actually setup two mail servers
    > dedidcated for two ranges of IPs. Both ranges think their is only one
    > mail server (which is what I want) so I need to filter the traffic and
    > redirect it accordingly.
    >
    > I have plenty of Cisco gear and spare servers to play with. Would like
    > to see if I can accomplish this without buying different appliances or
    > software.
    >
    > Thanks
    >
    > -pute
    >
    >
    > Thrill5 wrote:
    >> "beckteck" <> wrote in message
    >> news:...
    >> > Can't you create an extended accesslist and apply it incoming on fa0/2.
    >> > Create the list to direct all traffic from said range equaling port 25
    >> > to your .2 address. Then create your any/all port 25 traffic (for all
    >> > non matching addresses) to go to your .1 host.
    >> >
    >> > -beckteck
    >> >
    >> > wrote:
    >> >> Keep in mind these are all public IP addresses....
    >> >>
    >> >> I have two mail servers 123.123.123.1 and 123.123.123.2 off of
    >> >> Fast0/1
    >> >> of a Cisco 7200. I have my Internet connection on Fast0/2. Using
    >> >> Cisco IOS w/ or w/o Firewall Image, is there a way to redirect SMTP
    >> >> traffic to 123.123.123.2 coming from a certain range on the Internet
    >> >> that's requesting 123.123.123.1?
    >> >>
    >> >> Thanks
    >> >>
    >> >> -pute
    >> >

    >> The easiest way to load balance traffic to two SMTP servers is to use the
    >> same metric for both servers in the DNS MX records for the domains.
    >>
    >> Scott

    >


    I know of no way to do this without a real proxy device, like a CSS. The
    other alternative is to use a "view" on your DNS server so that one "view"
    (set of source IP's) gives out one MX record, and another "view", (default
    set) gives out a different MX record.

    What are you really trying to do? Is one for Internal users and another for
    Internet users? That is the only reason I can think of for trying to do
    what you are asking. If this is the case than there are many different ways
    to solve this problem, but the actual implementation would be base on your
    current network/FW/NAT configuration.

    It would also be helpful if you explained why you are trying to do this.
    Maybe someone could come up with a better and simpler solution than this.

    Scott
    Thrill5, Aug 30, 2006
    #6
  7. Guest

    We have a mail server with a public IP that runs SMTP / POP3. Our
    customers (they are inside our network) use this server for both
    incoming and outgoing mail. We outsource to a mail filtering service
    (our MX records point to their servers,) so we currently have in our
    edge-router's access-lists to only allow SMTP from the mail filtering
    company's IPs. This blocks the rest of the world from seeing our mail
    server's port 25.

    I now have a need for the outside world to be able to see port 25 on
    this mail server, but I don't want to expose the "real" server, instead
    would like to setup another one that will answer to anyone's request on
    port 25 (just the MOTD.)

    As well in the future, I plan on redirecting all of our internal
    traffic requesting a port on a range of servers to a different server.
    This is similuar, but is probably easier, since there is not a
    conditional element in the mix.

    Thanks

    -pute


    Thrill5 wrote:
    > <> wrote in message
    > news:...
    > > Scott,
    > >
    > > I'm not looking to load balance, but actually setup two mail servers
    > > dedidcated for two ranges of IPs. Both ranges think their is only one
    > > mail server (which is what I want) so I need to filter the traffic and
    > > redirect it accordingly.
    > >
    > > I have plenty of Cisco gear and spare servers to play with. Would like
    > > to see if I can accomplish this without buying different appliances or
    > > software.
    > >
    > > Thanks
    > >
    > > -pute
    > >
    > >
    > > Thrill5 wrote:
    > >> "beckteck" <> wrote in message
    > >> news:...
    > >> > Can't you create an extended accesslist and apply it incoming on fa0/2.
    > >> > Create the list to direct all traffic from said range equaling port 25
    > >> > to your .2 address. Then create your any/all port 25 traffic (for all
    > >> > non matching addresses) to go to your .1 host.
    > >> >
    > >> > -beckteck
    > >> >
    > >> > wrote:
    > >> >> Keep in mind these are all public IP addresses....
    > >> >>
    > >> >> I have two mail servers 123.123.123.1 and 123.123.123.2 off of
    > >> >> Fast0/1
    > >> >> of a Cisco 7200. I have my Internet connection on Fast0/2. Using
    > >> >> Cisco IOS w/ or w/o Firewall Image, is there a way to redirect SMTP
    > >> >> traffic to 123.123.123.2 coming from a certain range on the Internet
    > >> >> that's requesting 123.123.123.1?
    > >> >>
    > >> >> Thanks
    > >> >>
    > >> >> -pute
    > >> >
    > >> The easiest way to load balance traffic to two SMTP servers is to use the
    > >> same metric for both servers in the DNS MX records for the domains.
    > >>
    > >> Scott

    > >

    >
    > I know of no way to do this without a real proxy device, like a CSS. The
    > other alternative is to use a "view" on your DNS server so that one "view"
    > (set of source IP's) gives out one MX record, and another "view", (default
    > set) gives out a different MX record.
    >
    > What are you really trying to do? Is one for Internal users and another for
    > Internet users? That is the only reason I can think of for trying to do
    > what you are asking. If this is the case than there are many different ways
    > to solve this problem, but the actual implementation would be base on your
    > current network/FW/NAT configuration.
    >
    > It would also be helpful if you explained why you are trying to do this.
    > Maybe someone could come up with a better and simpler solution than this.
    >
    > Scott
    , Aug 30, 2006
    #7
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mervin Williams

    How to prevent client from applying proxy server

    Mervin Williams, Sep 13, 2004, in forum: Wireless Networking
    Replies:
    1
    Views:
    423
    ptwilliams
    Sep 13, 2004
  2. Replies:
    1
    Views:
    2,962
  3. chellappa

    Inbound Proxy and Outbound Proxy

    chellappa, Apr 7, 2006, in forum: VOIP
    Replies:
    0
    Views:
    2,430
    chellappa
    Apr 7, 2006
  4. James Sleeman
    Replies:
    12
    Views:
    900
    joe_90
    Sep 19, 2004
  5. Replies:
    1
    Views:
    1,624
    alexd
    Feb 25, 2009
Loading...

Share This Page