said by eddysamson2 :I dont have time to go through my two configs
Since you are a new member and are probably unaware of, may I suggest that in the future you should not use these words which could be misunderstood by a lot of people here (just a friendly suggestion)
said by eddysamson2 : and omit our private information right now
Network topology and configuration posting should not be security concern. If you prefer, you can just scrub off passwords and SNMP community strings. Further you can replace any Public IP addresses with fake one such as 1.1.1.1 and 2.2.2.2.
said by eddysamson2 :but I can tell you this:
What I am trying to do is route smtp traffic from Exchange Edge on DMZ(891) to our Exchange Hub off our 1921 on port 25.
So an email comes in through the 891's outside interface, goes to our edge server @ 10.10.10.3, and then heads back out through the interface connecting my two routers, enters the internal router, and goes to the Exchange Hub @ 192.168.1.186.
It seems like a relatively simple thing. I can't be the only one trying to do a 2 router DMZ. The dual internet connections is unrelated and works fine as our Lync Edge server works perfectly it just has two nics so it doesn't need to traverse the 891->1921 connection.
I have:
DMZ Subnet 10.10.10.0
^
|
891 fastethernet8- ip address 10.10.1.10 connected directly to ->
1921 gigabitethernet0/0- ip address 10.10.1.2
|
v
Internal Subnet 192.168.1.0
Try to not NAT between DMZ on 1921 and the 891 unless you have compelling reason. Also there should be no need to implement routing protocol such as EIGRP or OSPF since your network should not really need them yet.