Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 6 replies
  • Subscribers 4 subscribers
  • Views 7687 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

notifications not sent on backup WAN

BJohnson

We have a fairly standard setup with primary and secondary internet service.  Both WAN connections are in use via load balancing.  Last night I unplugged the primary link and never received a notification that our primary WAN was down.  I always receive notifications about the secondary WAN (TWC, it "blinks" regularly), both link-down and link-restored, but last night I only received the primary link-restored notification, which was delivered via the primary link.  There are no persistence or multipath rules for notifications.  How do I ensure that I receive primary WAN-down notices?  Obviously, the primary is more important than the backup.

TIA for your help.



This thread was automatically locked due to age.
Parents
  • 0

    How do you configured the email protection? Do you see anything in the Mail Log? 

    It is a bit complex. Wan2 must be a gateway to internet too and used to deliver emails

  • 0 in reply to Ol Deda

    WAN2 is also a gateway.  According to the email logs, WARN-032 (Internet Uplink is Down) was processed AND sent successfully.  However, I never received it.  Here's the relevant log entries:

    2018:03:13-17:50:07 sg115w notifier[21575]: processing notification request for WARN-032
    2018:03:13-17:50:08 sg115w notifier[21575]: successfully processed request for notification
    2018:03:13-17:50:09 sg115w postfix/pickup[20999]: 8952824C1A: uid=0 from=<do-not-reply@fw-notify.net>
    2018:03:13-17:50:10 sg115w postfix/cleanup[21591]: 8952824C1A: message-id=<5744-21575-1520988607@sg115w>
    2018:03:13-17:50:10 sg115w postfix/qmgr[7059]: 8952824C1A: from=<do-not-reply@fw-notify.net>, size=847, nrcpt=1 (queue active)
    2018:03:13-17:50:10 sg115w postfix/smtp[21630]: 8952824C1A: to=<ME@MYEMAIL.COM, relay=localhost[127.0.0.1]:25, delay=1.8, delays=1.3/0.5/0.01/0.01, dsn=2.0.0, status=sent (250 OK id=1evucM-0005cx-1r)
    2018:03:13-17:50:10 sg115w postfix/qmgr[7059]: 8952824C1A: removed

  • 0 in reply to BJohnson

    Do you have external or internal mail server? Consider that when wan1 is down, the email is going from the second IP and maybe is marked as spam

  • 0 in reply to Ol Deda

    Thanks oldeda, that's a good idea, but we have cloud-hosted Exchange so that's not the issue.  Also, the secondary connection's modem is in bridge mode, so it's not blocking any outgoing traffic.

  • 0 in reply to BJohnson

    Does your SMTP log show that the message was delivered?  Is there anti-spam in front of your Exchange in the Cloud?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Bob, thanks for the tip. According to the Notifications log the email was sent, but the SMTP log indicates that a rejection notice was received from our Exchange server.  It was our anti-spam service.  I must have whitelisted our primary ISP at some point, because I receive almost all of these notices which is why I didn't think anti-spam was a potential cause.

Reply
  • 0 in reply to BAlfson

    Bob, thanks for the tip. According to the Notifications log the email was sent, but the SMTP log indicates that a rejection notice was received from our Exchange server.  It was our anti-spam service.  I must have whitelisted our primary ISP at some point, because I receive almost all of these notices which is why I didn't think anti-spam was a potential cause.

Children
No Data
Unfiltered HTML