On 7/14/2014 5:25 PM, [email protected] wrote: > > Hi > > I've been having a heck of a time getting this straight, and could use a > hand. Any help would be appreciated! > , options [mss 1460,nop,wscale 3,sackOK,nop,nop,nop,nop,TS val 13 ecr 0], length 0 > > I must have missed something in the setup. :-/ > > Any help here? How to I get this traffic INBOUND, over the VPN and to/from > the mailserver? >
You are making this way too hard.
On the VPS:
a) /interfaces:
vpn1 tun+ -
b) Delete the /hosts entry
c) In your VPN setup, establish a route to 192.168.1.0/24 through the VPN.
d) Configure these in /rules:
DNAT net vpn1:192.168.1.50 tcp 25 A.A.A.1
ACCEPT vpn1:192.168.1.50 net tcp 25
f) Configure this entry in /masq. This will ensure that SMTP connections
from the mail server are sent from the VPS with the proper address.
eth0 192.168.1.50 A.A.A.1 tcp 25
On the HOME/OFC firewall:
a) /rules
ACCEPT vpn1 loc:192.168.1.50 tcp 25
ACCEPT loc:192.168.1.50 tcp 25
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
