How to use multiple gateway DMZ servers in a PGP Universal Server Cluster

book

Article ID: 180821

calendar_today

Updated On:

Products

Symantec Products

Issue/Introduction

 

Resolution

In the PGP Universal Server Administrator Guide it states that having multiple DMZ Gateway Servers is unsupported.

The reason for this is most Mail Servers are only configured to use one outbound mail connector at a time.

If one DMZ Gateway member goes offline it will not automatically route messages through the online cluster member.

To utilize the remaining DMZ Gateway member it would be necessary to manually change the mail connector to utilize the online DMZ server.

However it is possible to configure an MTA or Mail Server to send a PING or other test to see if the servers are responding and if not, route messages through the other DMZ server.

A Load Balancer can also acheive this effect and relay messages to which ever server responds the fastest, which is useful if one server is under heavier load.