Netgate Discussion Forum

    Gateway Help Needed

      g0x

      Hi there guys
      I need some help here please.

      I have 2 gateways on my network, 1 Checkpoint and a pfSense; each one of them has a static and public IP.

      My Exchange server is using the Checkpoint (192.168.1.1) as its gateway, and I have a public IP just for doing OWA, pointing to 443 on my Exchange box.

      My other gateway is a pfSense box (192.168.1.60), and I want to change that OWA IP to this public IP; as I said, each gateway has a public IP.

      But the problem is that my Exchange has 192.168.1.1 as its gateway, so I can't get to the OWA, but if I change the Exchange gateway to 192.168.1.60 it works fine.

      Is there any way in pfSense or Checkpoint to change this?

      :(
      I really need some help cos I don't have a clue how to do it.

      Thanks in advance

        Gloom

        Not an easy one, as OWA will send internet traffic to its default gateway and the CP server knows nothing about the response packet, so it drops it (no stateful inbound connection). Even if it did allow the packet through, your PC would not understand a response from an IP address it has not spoken to, so it would not send an ACK, and no connection would ever be set up.

        Some horrible kludges spring to mind, but I don't wish to inflict them on this forum.
        The simplest thing I can think of that does not make me cringe is to put a second IP address on the Exchange box in a different subnet, move your pfSense LAN address to that, and effectively create a little network consisting of the Exchange box and the firewall connected via a crossover cable or hub (or add a virtual IP to the LAN interface; depends on your routers). Make sure IIS is bound to all IP addresses on the box and maybe issue an iisreset.

        Never underestimate the power of human stupidity

          dotdash

          The best solution, IMO, would be to run both WANs to your pfSense and scrap the Checkpoint. Then you could have OWA on both WANs without messing with the server config…
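
The asymmetric return path discussed in this thread, as an added Python sketch that is not part of the original posts: it models why a reply routed through a gateway that never saw the inbound connection is dropped, and why a gateway that passed it anyway would still not help. Only 192.168.1.1 and 192.168.1.60 come from the thread; the WAN addresses, the client address, the Exchange address 192.168.1.10 and all class and function names are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Gateway:
    name: str
    lan_ip: str          # LAN address from the thread
    wan_ip: str          # constructed documentation address
    strict: bool = True  # True: drop replies that match no tracked connection
    states: set = field(default_factory=set)

    def forward_in(self, client, server):
        """Port-forward WAN:443 to the server and track the connection."""
        self.states.add((client, server))

    def forward_out(self, client, server):
        """Return the source IP the client sees on the reply, or None if dropped."""
        if (client, server) in self.states:
            return self.wan_ip   # reply translated back on the tracked connection
        if self.strict:
            return None          # no state: a stateful firewall drops the reply
        return self.wan_ip       # permissive: treated as new outbound traffic


def owa_connect(entry, default_gw, client="203.0.113.10", server="192.168.1.10"):
    """Client connects to entry's WAN IP; the server replies via its default gateway."""
    entry.forward_in(client, server)
    seen_src = default_gw.forward_out(client, server)
    if seen_src is None:
        return f"reply dropped by {default_gw.name} ({default_gw.lan_ip}): no state"
    if seen_src != entry.wan_ip:
        return f"client ignores reply from {seen_src}, expected {entry.wan_ip}"
    return "connection established"


def make_gateways(strict_checkpoint=True):
    """Build the two gateways from the thread with constructed WAN addresses."""
    checkpoint = Gateway("Checkpoint", "192.168.1.1", "198.51.100.1", strict_checkpoint)
    pfsense = Gateway("pfSense", "192.168.1.60", "198.51.100.60")
    return checkpoint, pfsense


if __name__ == "__main__":
    cp, pf = make_gateways()
    print(owa_connect(pf, cp))   # Exchange default gateway is 192.168.1.1
    print(owa_connect(pf, pf))   # Exchange default gateway is 192.168.1.60
    cp, pf = make_gateways(strict_checkpoint=False)
    print(owa_connect(pf, cp))   # reply passed, but from the wrong public IP
```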

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.