On Fri, 2003-02-21 at 15:43, Simpson, Doug wrote: > I have a RH7.3 Freeswan gateway setup which is also my firewall (IPTABLES). > The > people on the LAN network (192.168.1.0) can get to the POP3 server out on > the Public internet. But when I connect a client via the IPSEC (they are > static 10.2.67.0/8) tunnel then > I cannot get POP3 mail. I can send mail. > This is what I have in my rc.firewall script to allow my LAN clients to get > their POP3 - > > iptables -t nat -A POSTROUTING -p tcp --dport 110 -o eth0 -s 192.168.1.0/24 > -j SNAT --to $external_ip > > I tried adding this line for those coming in via VPN/ipsec > > iptables -t nat -A POSTROUTING -p tcp --dport 110 -o eth0 -s 10.2.67.0/8 -j > SNAT --to $external_ip >
Doug - Why would your client machine try to go to the lan via the ipsec tunnel for internet traffic? have you told your client to route traffic for the pop server though the tunnel? If you have internet connectivity to get to your firewall and establish a connection, I assume that you can also see the pop server. Help me out here I am missing something or several somethings. Bret -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
