| dual WAN setup with Kerio Connect [message #131902] |
Wed, 21 September 2016 11:47  |
lodewijk
Messages: 50
Registered: August 2005
Location: Amsterdam
|
|
|
|
Im looking at options and opinions about running Kerio Connect with 2 internet connections.
Seeing as we have a client that has a very fast but very unreliable internet connection, and a second "backup" internet connection that is very very slow...but more reliable. This second slow connection is set to kick in only when the main line goes down. (fail-over mode in router)
I posted about this in the router fora too, check here for more info
http://community.ubnt.com/t5/EdgeMAX/Block-mailserver-SMTP-O UT-on-WAN2-but-allow-SMTP-IN-on-WAN2/m-p/1681600
My (limited) understanding is that making incoming email mail work, is not a big deal (make a second MX record for 2nd WAN IP basically)
But for outgoing it is not really possible/feasible/advisable to do due to DNS complications (but I have no clue to be honest)
Does anyone have experience or insights about running Kerio Connect and 2 internet connections?
regards,
lodewijk
|
|
|
|
|
|
| Re: dual WAN setup with Kerio Connect [message #131925 is a reply to message #131919] |
Thu, 22 September 2016 12:20  |
TheMilkMen
Messages: 59
Registered: February 2013
|
|
|
|
You could consider using a smarhost like SendGrid or Mailgun. That way it doesn't matter which IP you send from because your email will always come from the smart host. Just make sure you setup SPF correctly whichever route you decide to go down.
If you've got users connecting from the outside to webmail or with mobile devices you'll have to think about how you want to handle that. One option would be to create two A records called mail.domain.com, (one for each connections IP) and then that way depending on how your router handles it "in theory" your users wouldn't see any downtime.
|
|
|
|
| Re: dual WAN setup with Kerio Connect [message #131982 is a reply to message #131925] |
Mon, 26 September 2016 14:43 |
Maerad
Messages: 275
Registered: August 2013
|
|
|
|
Actually this is less of a kerio but more of a DNS problem.
First - as brian said - you need a static ip address per wan link. For ForwardDNS you set the main IP as MX1, the second one as MX2 - something like "mail.youdomain.de" and "mail-backup.yourdomain.de".
Then you have to check with you ISP that the reverse DNS (that thing that makes numbers to names) is configured, so if you resolve the IP of the main link it returns mail.yourdomain.de, the other IP to mail-backup.yourdomain.de - or whatever domains you wanna use 
The only thing you have to config in kerio is the SPF record. Just google for SPF generator, there are many out there for this task.
So a server can deliver the mails, resolve the addresses you given and check them against SPF.
I strongly recommend http://mxtoolbox.com for checking if the SPD, DNS, Mailserver etc. works like it should.
|
|
|
|
| Re: dual WAN setup with Kerio Connect [message #131992 is a reply to message #131982] |
Tue, 27 September 2016 01:08 |
UnifiedTechs-Brian
Messages: 159
Registered: March 2011
Location: Vero Beach, FL
|
|
|
|
We use DNS Made Easy's Failover to allow clients to fail over to the backup IP if the main IP goes down, if it detects the server is not available on the main IP it will set DNS for mail.domain.com to the backup IP. Make sure reverse DNS for both IPs are set the same.
Inbound mail uses multiple MX records as mentioned above.
- Brian
Kerio Preferred Partner, Reseller & Hosting Provider
Unified Technology Solutions
|
|
|
|
Members
Search
Help
Register
Login
Home
