Two exchange servers

I have two Exchange servers in my network for failover (on one public IP). How do I set up port forwarding for ports 25 & 443?

Using Winbox, go to IP > Firewall > Nat

Add a rule.

Chain: dst-nat
Protocol: 6 (tcp)
Dst. Port: 25,443
In. Interface: ether1-gateway
Action: dst-nat
To Address: Your Exchange IP

I have that rule already, but I cannot put two IP addresses in the action tab “To address”. And if there are two rules for the same ports, it only uses the top one, so if the main server is down, the failover server doesn’t have port 25 open. Is there any workaround for this?

This is correct behaviour: traffic matches the first rule, so it is not processed by the other rules.

I’m not an Exchange expert, but this is not the way to achieve your goal. Maybe something like “Network Load Balancing Services”.

Eventually that is my goal, but I’m moving from one server to another and they both have mail queues at the moment, so I was hoping I could find some way other than moving the rules back and forth until I get that in place.

Of course not! When you have only one IP address, you can run only one mail server.
(apart from putting them in load balancing, which is NOT what you want in this case)

You could use Netwatch to ping either server and enable/disable rules as needed. Although it’s automatic, the fact that you can ping doesn’t mean that the service is up, but it could work for you if your failures are usually from server shutdowns or hardware issues that take the server off the network.

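The Netwatch approach described in the last reply, written out as a RouterOS terminal configuration. This is an added example, not configuration posted in the thread: the LAN addresses 192.168.1.10 (primary) and 192.168.1.11 (failover) are constructed placeholders, the interface name ether1-gateway is the one used above, and the rule comments are assumed labels that the scripts use to find the rules.

```routeros
# Two dst-nat rules for the same ports. Only one is enabled at a time,
# because the first matching rule wins and the second would never be reached.
/ip firewall nat
add chain=dstnat protocol=tcp dst-port=25,443 in-interface=ether1-gateway \
    action=dst-nat to-addresses=192.168.1.10 comment=exchange-primary
add chain=dstnat protocol=tcp dst-port=25,443 in-interface=ether1-gateway \
    action=dst-nat to-addresses=192.168.1.11 comment=exchange-failover disabled=yes

# Netwatch pings the primary server. On loss of reachability it disables the
# primary rule and enables the failover rule; when the primary answers again
# it swaps them back. Rules are located by comment so the script does not
# depend on rule order or numbering.
/tool netwatch
add host=192.168.1.10 interval=30s timeout=1s \
    down-script="/ip firewall nat disable [find comment=exchange-primary]; \
                 /ip firewall nat enable [find comment=exchange-failover]; \
                 :log warning \"Exchange primary unreachable, dst-nat moved to failover\"" \
    up-script="/ip firewall nat disable [find comment=exchange-failover]; \
               /ip firewall nat enable [find comment=exchange-primary]; \
               :log info \"Exchange primary reachable, dst-nat moved back to primary\""

# Caveats, as noted in the thread: ICMP reachability is not an SMTP/HTTPS
# health check, and already-tracked connections keep their existing NAT
# mapping; only new connections follow the rule that is enabled at the time.
```

The log lines give you a record of every switch, which is the first thing to look at when mail stops flowing after a failover.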