The remote clients are MS OSs running SSH Sentinel.  I connect to the
internet and then connect to the Freeswan gateway.
When I am connected to the VPN gateway all my traffic goes down the tunnel
until I disconnect the VPN tunnel.
The SSH client (ipsec) takes over the connection and directs all traffic to
the gateway.  
Do you know a way to configure the SSH client so that it allows traffic out
to the internet without going through the IPSEC tunnel?
This of course would be an answer.
Any help would be great.
Thanks,
Doug  

-----Original Message-----
From: Bret Hughes [mailto:[EMAIL PROTECTED]
Sent: Saturday, February 22, 2003 1:22 PM
To: [EMAIL PROTECTED]
Subject: Re: please help POP3


On Fri, 2003-02-21 at 15:43, Simpson, Doug wrote:
> I have a RH7.3  Freeswan gateway setup which is also my firewall (IPTABLES).
> The people on the LAN network (192.168.1.0) can get to the POP3 server out on
> the Public internet.  But when I connect a client via the IPSEC (they are
> static 10.2.67.0/8) tunnel then
> I cannot get POP3 mail.  I can send mail.
> This is what I have in my rc.firewall script to allow my LAN clients to get
> their POP3 -
>
> iptables -t nat -A POSTROUTING -p tcp --dport 110 -o eth0 -s 192.168.1.0/24 -j SNAT --to $external_ip
>
> I tried adding this line for those coming in via VPN/ipsec
>
> iptables -t nat -A POSTROUTING -p tcp --dport 110 -o eth0 -s 10.2.67.0/8 -j SNAT --to $external_ip
>

Doug -
Why would your client machine try to go to the LAN via the ipsec tunnel
for internet traffic?  Have you told your client to route traffic for
the pop server through the tunnel?  If you have internet connectivity to
get to your firewall and establish a connection, I assume that you can
also see the pop server.

Help me out here, I am missing something or several somethings.

Bret

-- 
redhat-list mailing list
unsubscribe mailto:[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list


