Here's my setup
I have 2 ISPs. Our main is fiber attached to a catalyst switch, connected to a UTM interface. On that interface are numerous additional addresses used by our organization for all our domain addresses. The second ISP is Comcast Business cable. One of the lan ports is connected to a UTM interface and is used for multi-path. This works no problems.
I also use UTM wireless networking. My guest network is bridged to a vlan where there is only one assigned port. That port has a direct connection to the Comcast router via a lan port. That way, the guest network doesn't go out the UTM, or connect to our internal networks in anyway. It gets its ip info from the Comcast dhcp server and goes directly out to the internet that way.
This configuration has been working flawlessly until...Comcast upgraded our service and replaced the cable modem. Now everything works except those going out Comcast cannot reach the additional addresses on the main isp external interface. Multi-path works. The guest network works as it get's an ip from the cable modem, and has very fast internet.
However, we noticed that employees connected to mobile devices over the guest network cannot connect to our exchange servers. Turns out that all of our domain address, which are on the main external are inaccessible to traffic going out of Comcast via any of the lan ports. I have even disconnected everything from UTM, reset the cable modem, and connected a laptop to a lan port. I still can't reach these addresses on our UTM. I have confirmed with the help of our main ISP support that they get all of the way through the fiber and to the catalyst switch (which belongs to our ISP and I can't access)
It seems to me that the UTM is rejecting or blocking the traffic and I don't know why, or how to gain greater visibility into what's really going on. Any insight into what may have happened when a new modem was installed, what I can check, or how to resolve would be greatly appreciated!
This thread was automatically locked due to age.
