We have a UTM active-passive cluster with two uplinks configured (ISP1=Uplink and ISP2=o2).
I have one Testclient which uses ISP2 and surfs the web without a problem.
But it can't connect to a server which is NATed on a public IP from ISP1.
It can, however, reach servers protected with Webserver Protection on the UTM on ISP1.
The Webserver Protection and the NAT are working from all other ISPs, for example my home network.
This is the Multipath Rule for my Client:
The Masquerading Rule:
And the Firewall Rule:
This is the NAT Rule to the server I try to reach:
Do you have any ideas where I can start troubleshooting this?
Hi Marco Hald,
Thanks for reaching out to the Community!
I'd suggest you run tcpdump on the destination IP address on the UTM as well as review the packet-filter logs.
I'm confused. Is your #5 Multipath rule binding outbound traffic from "o2 (Network)" to the "O2" interface? Is "o2" a LAN interface? Is "O2" an interface with a public IP and a default gateway? What is whited out in Multipath rule #4 - the Testclient?
"I have one Testclient which uses ISP2 and surf the Web without a Problem.
"But it can't connect to a Server which is NATed on a public IP from ISP1"
Is the Testclient in "o2 (Network)"? Is ISP2 on the "O2" interface? When you say "can't connect," what do you see - an error message or just no response?
Have you tried a NAT rule like the following?
Full NAT : Testclient -> (HTTP/S & Zenworks-Joinproxy) -> ISP1 (Address) : from o2 (Address) to server
Cheers - Bob