Posted: 4/28/2011 10:41:52 AM EDT
|
I have a dlink DIR-655.
I want to direct LAN traffic on port 25 to local server A. I want to direct WAN traffic on port 25 to local server B. Does anyone know if this will be possible on this router? |
|
Quoted:
I have a dlink DIR-655. I want to direct LAN traffic on port 25 to local server A. I want to direct WAN traffic on port 25 to local server B. Does anyone know if this will be possible on this router? youll need Cisco IOS to do a policy based route for that... why not just have the lan clients go directly to B:25? you'll have to remember 2 different ip addresses but thats about the best youll get |
|
The DLink can do the WAN traffic side.
How many machines on the inside need to have the route setup this way? If it's not too many you could just deploy a hosts file entry for all the machines on the inside, so long as sending all the traffic destined to the host to the internal machine A, rather than just port 25. Also, a FreeBSD firewall (pfsense) can do this with ease if you have a spare machine to run it on. |
|
Awesome. I was 99% sure I would not be able to do it on this router.
This is a only temporary solution. Firewall burned out, backup firewall burned out, now running on dlink as a backup-backup. hosts file will probably work, I'll have to roll that one around a bit. |
|
Ok. I need even more help.
firewall and then the backup firewall both went down. Currently running on dlink dir-655 soho router (172.18.18.212) we have several netgear managed switches. 2 vlan's: 10 is computers, 172.18.18.0 200 is VOIP Phones, 10.200.0.0 Everything is up and running except VOIP messaging server cannot get out to the internet. This prevents fax to email, and voicemail to email. Not critical, but I would really like to get it up and running. Newfirewall won't be here for a while. One of the netgear switches has been doing the routing. vlan routing summary: 10 - 172.18.18.254 - 255.255.255.0 200 - 10.200.0.254 - 255.255.255.0 route table: address - subnet mask - next hop 0.0.0.0 - 0.0.0.0 - 172.18.18.212 10.200.0.0 - 255.255.255.0 - 10.200.0.254 172.18.18.0 - 255.255.255.0 - 172.18.18.254 I think that I need to have a route back on the firewall to 10.200.0.0, but I don't seem to beable to get it working. Any help would be greatly appreciated. This is not my strong suit. |
|
Quoted:
from 10.200.0.x I can ping 172.18.18.254 but not the other way around. damn this shit. I'm going home. If anyone has any ideas, i'd love to try them out tomorrow. This indicates a firewall rule. Can't really be a routing issue if the ping replies to 10 from 172 are making it. My first thought, I'll read your other message in detail when I have a little more time. |
|
Quoted:
This indicates a firewall rule. Can't really be a routing issue if the ping replies to 10 from 172 are making it. My first thought, I'll read your other message in detail when I have a little more time. Awesome, thanks. That is what I was thinking. My guess is that I won't be able to get the dlink to handle it. |
|
Quoted:
Quoted:
This indicates a firewall rule. Can't really be a routing issue if the ping replies to 10 from 172 are making it. My first thought, I'll read your other message in detail when I have a little more time. Awesome, thanks. That is what I was thinking. My guess is that I won't be able to get the dlink to handle it. If it's routing ok then it should be able to, though to be honest I'm surprised the DLink supports VLANs at all.. 
Is there a particular reason you went that route, rather than just allocating the 10/8 subnet on arbitrary boundaries? 10/16 allocated to infrastructure, 10.1/16 allocated to dhcp server, 10.2/16 to static devices, 10.3/16 to phones, etc., but with the mask set to 10/8. This will take some load off the routers and switches, as everything can 'see' everything else without routers or vlans, but the network is still logically partitioned. |
|
Quoted:
If it's routing ok then it should be able to, though to be honest I'm surprised the DLink supports VLANs at all..
Is there a particular reason you went that route, rather than just allocating the 10/8 subnet on arbitrary boundaries? 10/16 allocated to infrastructure, 10.1/16 allocated to dhcp server, 10.2/16 to static devices, 10.3/16 to phones, etc., but with the mask set to 10/8. This will take some load off the routers and switches, as everything can 'see' everything else without routers or vlans, but the network is still logically partitioned. "Reason" and "logic" seem to have nothing to do with it. This infrastructure was put in place with a failed local vendor pushing an astrisk VOIP system. Then it was cobbled together to be made to work with a mitel system, without purchasing the correct network hardware, because we lost so much on the first system. Since then it has been working, so there was no way we were going to waste money for "no gain." In reality, a /24 block would satisfy all of our address needs. I have no idea why they thought we needed 3 VLANS, one for PCs, one for phones, and one just to manage the switches. I don't think I am going to have enough resources to redo the entire thing. I'd really like to do like you suggested. But since I can't modify the VOIP, I'd have to change the computer network. And I am sure that would be a huge headache and I would find all sorts of shit that is hardcoded in software to IPs. What I think I will be able to do is move everything onto one VLAN, but keep the IPs seperate. Then get a router in place to really deal with it properly. But, like I said earlier... this is not my strong suit. |