Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 2 answers
  • Subscribers 1 subscriber
  • Views 5813 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[error log] 451.4.4.4.0 error sending email to external using secondary provider

gunung

dear all,

please help, i'm using 2 providers : provider A (priority) & provider B

i'm using feature : uplink balance to keep my internet up. its work good.

the problem is i need to manual switch on or off "SNAT" if Provider A down to make smtp server work.

example: if provider A down. i need to switch off  Provider A's SNAT backend exchange server and turn on Provider B's SNAT. i have no problems for receiving email with both DNAT on.

did i miss something in setup. i'm using Astaro utm425.

thanks all,

Gunung



This thread was automatically locked due to age.
Parents
  • 0

    If you are using UTM Email Protection and have configured following Basic Exchange setup with SMTP Proxy, then a Multipath rule with two NAT rules will work.  The trick is in the object used in the 'For traffic from' field.

    Assuming you have an interface named "External A" and an Additional Address on that interface named "Email," your NAT rule for that interface should look like 'SNAT : External A (Address)  -> SMTP -> Internet : from External A [Email] (Address)'.  You need a similar one for provider B's connection.

    If you want to send on the primary IP of each interface (i.e., you don't need to use Additional Addresses), then you can use a simple masq rule in place of the two SNATs: 'Internal -> Uplink Interfaces'.

    But, I'm confused by your question.  According to https://support.microsoft.com/en-us/kb/3038746, this is a DNS issue.  In that case, perhaps your problem should be treated with DNS Best Practice.

    Please let us know what resolves your issue.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    If you are using UTM Email Protection and have configured following Basic Exchange setup with SMTP Proxy, then a Multipath rule with two NAT rules will work.  The trick is in the object used in the 'For traffic from' field.

    Assuming you have an interface named "External A" and an Additional Address on that interface named "Email," your NAT rule for that interface should look like 'SNAT : External A (Address)  -> SMTP -> Internet : from External A [Email] (Address)'.  You need a similar one for provider B's connection.

    If you want to send on the primary IP of each interface (i.e., you don't need to use Additional Addresses), then you can use a simple masq rule in place of the two SNATs: 'Internal -> Uplink Interfaces'.

    But, I'm confused by your question.  According to https://support.microsoft.com/en-us/kb/3038746, this is a DNS issue.  In that case, perhaps your problem should be treated with DNS Best Practice.

    Please let us know what resolves your issue.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Thanks Bob,

    your guide help me to check external dns setup in my back end exchange. i forgot tick it.

    and i find out with 2 providers internet.  position number for snat do effect. secondary provider Snat must put above.

    now my smtp server can sending with balacing provider. 

Unfiltered HTML