Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
397
Views
0
Helpful
6
Replies

Route map help please (1811)

rygar1234
Level 1
Level 1

‎05-05-2008 09:15 AM - edited ‎03-03-2019 09:49 PM

Need advise/help please

Ip 70.x.x.x = Local Users / Backup Email ip

Ip 69.x.x.x = Email / Local users Backup ip

Everything seems to be working almost ok. The problem I am having is that the router defaults to the 70.x.x.x ip for Email. Here is part of the config file.

I think the problem is with my lst command line.

track timer interface 5

!

track 10 rtr 1 reachability

delay down 15 up 10

!

track 20 rtr 2 reachability

delay down 15 up 10

ip route 0.0.0.0 0.0.0.0 FastEthernet0 70.x.x.x track 10

ip route 0.0.0.0 0.0.0.0 FastEthernet1 69.x.x.x 200 track 20

ip nat inside source route-map cable-nat interface FastEthernet0 overload

ip nat inside source route-map dsl-nat interface FastEthernet1 overload

ip nat inside source static tcp 192.168.0.15 25 69.x.x.x 25 route-map exchange extendable

ip nat inside source static tcp 192.168.0.15 25 70.x.x.x 25 route-map exchange extendable

access-list 111 permit tcp host 192.168.0.15 any eq smtp

route-map exchange permit 10

match ip address 111

set ip next-hop verify-availability 69.x.x.x 1 track 20

If i add this line would it be correct?

route-map exchange permit 10

match ip address 111

set ip next-hop verify-availability 69.x.x.x 1 track 20

!

route-map exchange permit 20

match ip address 111

set ip next-hop verify-availability 70.x.x.x 2 track 10

OR

route-map exchange permit 10

match ip address 111

set ip next-hop verify-availability 69.x.x.x 1 track 20

set ip next-hop verify-availability 70.x.x.x 2 track 10

Thank you!

Labels:
0 Helpful
6 Replies 6

Thotsaphon Lueangwattanaphong
Level 7
Level 7

‎05-05-2008 11:18 AM

Hi Stathis,

I'm not sure what is exactly your problem.But I would use the command as follows:

route-map exchange permit 10

match ip address 111

set ip next-hop verify-availability 69.x.x.x 1 track 20

set ip next-hop verify-availability 70.x.x.x 2 track 10

The router will send SMTP traffics out of the fastethernet1 interface if it is UP. If not then send to the fastethernet0 interface for backing up. ##If It's up as well ;-)

Hopes this helps

Thot

0 Helpful

rygar1234
Level 1
Level 1
In response to Thotsaphon Lueangwattanaphong

‎05-05-2008 12:16 PM

Thx Thot

The problem is that when I receive email it defaults to fastethernet0 70.x.x.x and not the 69.x.x.x in fact port 25 on the 69.x.x.x is closed. fastethernet0 70.x.x.x port 25 works fine.

If i simulate a fail for 70.x.x.x then 69.x.x.x port 25 works fine.

Somehow i have to reverse it if its possible.

Thank you

0 Helpful

Thotsaphon Lueangwattanaphong
Level 7
Level 7
In response to rygar1234

‎05-05-2008 12:27 PM

Hi Stathis,

Please correct me if I'm wrong. You meant that you receive the e-mails from 70.x.x.x.So what's going on?

I want to send an email to you.I have to solve your MX-Record first. I meant your domain.ISP tells me hey! sathis@abcd.com please go to 70.x.x.x.

Please tell me what's your exact public ip address(high priority) using for SMTP traffics(Inbound!).

Is that your problems? if so,ISP will be involved I guess!

Hopes this helps

Thot

0 Helpful

rygar1234
Level 1
Level 1
In response to Thotsaphon Lueangwattanaphong

‎05-05-2008 12:37 PM

Sorry Thot let me try again. The router is not live yet i plug it in after work hours to test it.

70.x.x.x Fa0 = Local users internet - Backup for exchange

69.x.x.x Fa1 = Exchange - Backup for Local Users

With my current configuration when i try to telnet to port 25 or access port 25 on the 69.x.x.x Fa1 i get denied BUT 70.x.x.x Fa0 works fine.

If I simulate fail on 70.x.x.x then 69.x.x.x works fine which is very cool but its reversed. I want 69.x.x.x as first email ip and 70.x.x.x as backup.

The isp is set to sent to 69.x.x.x first and if it fails it will try 70.x.x.x

Thank you

0 Helpful

Thotsaphon Lueangwattanaphong
Level 7
Level 7
In response to rygar1234

‎05-05-2008 12:50 PM

Hi Stathis,

I think you need to use a "sh ip nat trans" command and see what happens when you telnet tcp/25 on the 69.x.x.x address. Is there an interesting NAT entry on it?

Using a "netstat -an" command on the server(192.168.0.15).Is there any connections from the outside using TCP/25? Is the status "established" or "TimeOut" or nothing?

Is there any devices between the router and the server Aka a firewall?

Hopes this helps

Thot

0 Helpful

rygar1234
Level 1
Level 1
In response to Thotsaphon Lueangwattanaphong

‎05-05-2008 01:59 PM

Thx Thot

I will check but i believe the router somehow is blocking port 25 as it thinks the 69.x.x.x is the backup ip.

Its allowing port 25 on the 70.x.x.x to receive incoming email if I unplug it its allowing port 25 on 69.x.x.x to receive email.

I will open a support call to see if they can help me.

Thx again Thot!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card