Astaro User Bulletin Board
Go Back   Astaro User Bulletin Board > Astaro Gateway Products > Management, Networking, Logging and Reporting
Reload this Page 2 Lines different Networks Message Not more than 1 Gateway
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

Welcome to the Astaro User Bulletin Board.
If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Page 1 of 2 1 2
Reply
 
LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 06-26-2009, 10:28 PM
Junior Member
  
Join Date: May 2009
Posts: 12
Question 2 Lines different Networks Message Not more than 1 Gateway
Hi all,

i have in my Astaro integrated 2 NICs for public Servers...
We have two Lines with complete diefferent Networks...

This lines are public Lines... With public IPs.
My first line is on eth1 and the second one should be on eth2...

But i have a Problem in here...
When i set the default Gateway for the second line i get a message:
"Can't have more than one default Gateway."

I have set a Gateway on eth1 for the first public Net..

But this is a problem... I need that Gateway on the second NIC for the second line...

Could anyone help me and tell me, whats the problem is...

Thanks in advance
Reply With Quote
  #2 (permalink)  
Old 06-26-2009, 11:46 PM
BAlfson's Avatar
Moderator
  
Join Date: Mar 2007
Location: Oklahoma City
Posts: 5,393
Default
So, you have two different ISPs and you want to connect both of them. Please describe what you are trying to accomplish - do you want to use one for web surfing and the other for everything else? A diagram, if you have one, would be helpful.

Cheers - Bob
__________________
ACE V7 - Astaro Preferred Partner since V3
Addicted to my iPhone!
Reply With Quote
  #3 (permalink)  
Old 06-27-2009, 12:11 PM
RFCat_vk's Avatar
Wizard
  
Join Date: Aug 2005
Location: Victoria, Australia
Posts: 2,554
Default
Hi,
by default all proxy traffic goes out the default gateway.
You need to route or NAT non proxy traffic (not SIP) to the non gateway link.

Ian M
__________________
Home Power User unlimited licence - v7.50x - AMD X2 5050e with 2gb,1 intel NIC, the onboard NIC and netgear gs108t with vlans.
Reply With Quote
  #4 (permalink)  
Old 06-27-2009, 12:29 PM
khardeveld's Avatar
Member
  
Join Date: Dec 2008
Posts: 58
Default
If I understand correctly, you want two external interfaces, with one ore more services being routed through one interface and the other services trhought the other interface?

If so, you will need policy routing with SNAT. There is a good KB article about this:

http://portal.knowledgebase.net/disp...202274&n=1&s=1
Reply With Quote
  #5 (permalink)  
Old 06-28-2009, 12:09 PM
Junior Member
  
Join Date: May 2009
Posts: 12
Default
Hi all,

thanks for the response and the link... But when i click to the link i get an Error 500 back...

What i want is the following...

2 Lines from two Providers... Theese providers use different networks, so that i need for that two providers, two gateways.

I want that i can reach my servers over this two lines...
So like a backup line.
Reply With Quote
  #6 (permalink)  
Old 06-28-2009, 01:33 PM
BAlfson's Avatar
Moderator
  
Join Date: Mar 2007
Location: Oklahoma City
Posts: 5,393
Default
Once you are in the Astaro KB, the above link will work, or you can just search on the article number, 202274: Astaro Knowledgebase

It's still not clear what you want to do. Where are the servers - inside or outside your Astaro?
__________________
ACE V7 - Astaro Preferred Partner since V3
Addicted to my iPhone!
Last edited by BAlfson; 06-28-2009 at 01:50 PM.
Reply With Quote
  #7 (permalink)  
Old 06-28-2009, 05:53 PM
Junior Member
  
Join Date: May 2009
Posts: 12
Default
Hey...

OK i will try to discribe it now a little better...

In my Astaro i have integrated 4 NICs.

1 Interal
1 DMZ
1 External 1 (public Net 1)
1 External 2 (public Net 2)

The default Gateway is set on the External 1 NIC.
But i want to add a second Gateway on the External 2 NIC because this a complete another Network then the first public.

What i want is, that i can reach the Webservers in the DMZ over this two lines... I have add the NAT Rules like the first line for the second line...
But i can't reach the servers... So and what i thing is, that i need the gateway entrance for the second NIC...

Was that a little better? I hope so.
Reply With Quote
  #8 (permalink)  
Old 06-28-2009, 08:06 PM
BAlfson's Avatar
Moderator
  
Join Date: Mar 2007
Location: Oklahoma City
Posts: 5,393
Default
If you are trying to reach servers in the DMZ from your 'Internal (Network)', then the problem isn't the gateway.

For example, if public DNS servers resolve web1.YourDomain.com to 68.79.12.34, you probably have a NAT rule 'Any -> HTTP -> [68.79.12.34] : DNAT to [DMZ IP of web1]'.

From your 'Internal (Network)', if you try to reach h**p://web1.YourDomain.com, you can't.

You can do some fancy routing, or you can just create a 'Static entry' in the Astaro DNS: 'web1.YourDomain.com -> [DMZ IP of web1]'. Or, if you have an internal DNS server, you could create a new A record in the YourDomain.com forward lookup zone.

Cheers - Bob
__________________
ACE V7 - Astaro Preferred Partner since V3
Addicted to my iPhone!
Reply With Quote
  #9 (permalink)  
Old 06-28-2009, 10:16 PM
Junior Member
  
Join Date: May 2009
Posts: 12
Default
Quote:
If you are trying to reach servers in the DMZ from your 'Internal (Network)', then the problem isn't the gateway.
This is not what i want

My Webservers in the DMZ should be reachable from public on two lines...

1 Webserver use the line 1
1 Webserver use the line 2

and so on...

When a user tries to open Webmail for example, that is reachable over the line 1...
When a user tries to open Online Booking System, that should be reachable over the line 2

The problem or the difficault here is, that the two lines are in different public networks.

Why i want this?
The second line is for our most important servers...
This line has a fully backup strategy...

That means, i will bound two public lines on one astaro firewall.

So that i can reach my server on theese two lines.

Greetings
Jimmy
Last edited by jimmyone; 06-28-2009 at 10:19 PM.
Reply With Quote
  #10 (permalink)  
Old 06-28-2009, 10:21 PM
RFCat_vk's Avatar
Wizard
  
Join Date: Aug 2005
Location: Victoria, Australia
Posts: 2,554
Default
Hi,
I suggest you have a look at link aggregation, I think that will give you what you require.

Ian M
__________________
Home Power User unlimited licence - v7.50x - AMD X2 5050e with 2gb,1 intel NIC, the onboard NIC and netgear gs108t with vlans.
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT. The time now is 05:07 PM.

 
Contact Us - Astaro User Bulletin Board - Archive - Top

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.


These pages are specifically maintained for the discussion of firewall issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases. issues within the Open Source community, and might already reflect new alpha/beta releases under development. Please refer to our product specifications for the functionality of the actual release. Discussions of new/enhanced functionality does not constitute a commitment of Astaro, to integrate this functionality into future releases.