Topic: gateway setup possible ?

[prayerman]

Hi folks,
i want to set up sme 7 in the following config is it possible ?
wan1 ----|            |----wan2
sme
|
lan
|-----server1 (wan1)
|-----server2 (wan2)

i hope my diag makes sense - basically i want a server inside my network to use a second dedicated wan connection, routed through the sme, for one set of traffic and have all my other traffic sent down the first wan connection ?

[jonic]

No, SME does not support this configuration.
You could use a dedicated firewall distribution to do the routing and use SME in server only mode.

[prayerman]

Thanks for the quick reply.
Can you suggest a release for this ?

[prayerman]

I had another thought just then, could you configure two sme 7's one for wan 1 and one for wan 2 ?

[jonic]

I had another thought just then, could you configure two sme 7's one for wan 1 and one for wan 2 ?

Yes you can. You will have two private networks, one behind SME 1, and one behind SME2. If you need to communicate between the two networks, you will need to do some additional configuration ( in the server-manager, under Local networks you have to add for each server the local network of the other).

A firewall distribution that supports dual wan setup is pfSense, but I think it does load balancing between the two wan ports, so it's not quite what you want.

[prayerman]

thanks again,
yes i do want the two lan's to talk to each other, once the configuration change you mentioned is done, this will all work as one network ?

[jonic]

Well, I never needed this configuration, so I never tested it. But it should work. Maybe some one more experienced could advise?

[andy_wismer]

Hi

At one client, I do use something similiar, two different sme's supporting different LANs. It basically works.

But there are some caveats:

You need the same user on both systems, if you want to give them access (Not public to all...).

The DNS can also be a headache.

YMMV

Andy Wismer

[Elliott]

I've got a solution of sorts... only you wouldn't route your server through the SME.

Just buy any small firewall box off of the shelf that meets your needs. There are a variety of firewall/hubs that are easily configurable. Then you plug it's WAN port into the "other" wan that you want your server to use and program the firewall's LAN side to have a static IP on the LAN side of your SME network.

All of your normal clients on the SME network can pull their DHCP from whatever DHCP server you're using (NOTE: turn OFF DHCP on the other firewall box) and you can give the server and any other specialty clients static settings that route through the other firewall box.

Some caveats...

- Be sure to configure the other firewall box to only allow the specifics that you need for the special clients. Turn off all the stuff you don't need.
- If WINS or name resolution becomes problematic you may need to create specialty hosts files for some clients

As a nice solution to the WINS issues you could let your server be the DHCP server and point the DHCP clients to the SME box. The server itself would be hard coded and would therefor know to go out it's special WAN. This way all machines are aware of the others on the private LAN (via standard broadcasts) and the server is the only machine aware of the other way out.

-E