Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 3 replies
  • Subscribers 27 subscribers
  • Views 659 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Is the firewall able to use resources across a site-2-site

Patrik Nordlund

Hi,

We have 2 sites (A & B) connected via a S-2-S with XGs in each end. I have a couple of questions I was hoping to get assistance with:

  • Can the XG in site A use for example an smtp-server on site B to send notification emails?
    • If yes, what IP would the XG in site A "present" itself with. What I mean, how should I configure the smtp-server to whitelist the XG so it is allowed to send emails via it. Is it the Local Gateway that is used in the S-2-S?

I hope you follow my setup :)



This thread was automatically locked due to age.
Parents
  • 0 in reply to LuCar Toni

    Hi,

     

    Thank you for your reply, I followed the kb123336 article and added those parts but still it seems the email never leaves the XG. This is what I get in the smtpd_main.log:

    ****************************************************

    2019-11-13 01:34:48.502 [15680] QsyOQ4-qqpcQp-ur == address@server.se R=router_for_notifications T=notification_smtp defer (-53): retry time not reached for any host for 'server.se'
    15679 LOG: queue_run MAIN
    15679   End queue run: pid=15679
    2019-11-13 01:34:48.502 [15679] End queue run: pid=15679
    21227 child 15679 ended: status=0x0
    21227   normal exit, 0
    21227 0 queue-runner processes now running
    21227 SIGALRM received
    21227 1 queue-runner process running
    15716 Starting queue-runner: pid 15716
    15716 LOG: queue_run MAIN
    15716   Start queue run: pid=15716
    2019-11-13 01:35:03.508 [15716] Start queue run: pid=15716
    15717 locking /sdisk/spool/output//db/retry.lockfile
    15717 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
    15717 Considering:address@retune.se
    15717 unique = address@server.se
    15717 address@server.se: queued for routing
    15717 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
    15717 routing address@server.se
    15717 --------> router_for_notifications router <--------
    15717 local_part=address domain=server.se
    15717 checking "condition" "${if and{{bool_lax{1}}{bool_lax{${if eq{$acl_c1}{1}{1}{0}}}}}}"...
    15717 calling router_for_notifications router
    15717 router_for_notifications router called for address@server.se
    15717   domain = server.se
    15717 route_item = * "<, smtp-ip-address"
    15717 original list of hosts = "<, smtp-ip-address" options =
    15717 expanded list of hosts = "<, smtp-ip-address" options =
    15717 set transport notification_smtp
    15717 finding IP address for smtp-ip-address
    15717 calling host_find_byname
    15717 queued for notification_smtp transport: local_part = address
    15717 domain = server.se
    15717   errors_to=NULL
    15717   domain_data=NULL localpart_data=NULL
    15717 routed by router_for_notifications router
    15717   envelope to: address@server.se
    15717   transport: notification_smtp
    15717   host smtp-ip-address [smtp-ip-address]
    15717 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
    15717 After routing:
    15717   Local deliveries:
    15717   Remote deliveries:
    15717     address@server.se
    15717   Failed addresses:
    15717   Deferred addresses:
    15718 T: notification_smtp: for address@server.se
    15718 locking /sdisk/spool/output//db/retry.lockfile
    15718 locking /sdisk/spool/output//db/wait-notification_smtp.lockfile
    15717 LOG: retry_defer MAIN
    15717   == address@server.se R=router_for_notifications T=notification_smtp defer (-53): retry time not reached for any host for 'server.se'

    ****************************************************

    I edited the actual addresses.

    Is there somewhere else I can look to see what is going on?

     

    /patrik

  • 0 in reply to Patrik Nordlund

    It seems the settings took a while to apply so now it is working as I wanted.

    Thank you for the help!

     

    /patrik

Reply Children
No Data