I'm still struggling with forwarding SMTP traffic across a VPN and into my LAN. 
 After a week+, I still can't get this working :-/

Monkeying around, I screwed up the VPN, too.  That's been fixed for me, and 
I'm restarting with a working VPN setup,

        SERVER (shorewall)
                eth0: S.S.S.S
                      192.168.0.1
                tun1: 10.0.0.1
         |
         |
         |
        CLIENT (shorewall)
                eth0: C.C.C.C
                tun1: 10.0.0.2
                eth1: 192.168.1.1
         |
         |
         |
        SMTP
                eth0: 192.168.1.2


Connecting from SERVER's shell to the SMTP works,

        telnet 192.168.1.2 25
                Trying 192.168.1.2...
                Connected to 192.168.1.2.
                Escape character is '^]'.
                220 smtp.mydomain.com ESMTP

But I can't get to SMTP from 'outside'.  From an external shell,

        telnet S.S.S.S 25
                Trying S.S.S.S...
                telnet: Unable to connect to remote host: Connection timed out


The SERVER shorewall has

        /zones
                fw        firewall
                net       ipv4
                vpn1      ipv4
                loc       loopback

        /interfaces
                net       eth0     tcpflags,nosmurfs,routefilter=1,sourceroute=0
                vpn1      tun+     -
                loc       lo

        /rules
                DNAT      net      $FW:192.168.1.2    tcp       25    -     S.S.S.S
                ACCEPT    net      vpn1:192.168.1.2   tcp       25

and the CLIENT shorewall has

        /zones
                fw        firewall
                net       ipv4
                lan       ipv4
                loc       loopback
                vpn1      ipv4

        /interfaces
                net       eth0     tcpflags,nosmurfs,logmartians=1,routefilter=1,sourceroute=0
                lan       eth1     routefilter=1
                vpn1      tun+     -
                loc       lo

        /rules
                ACCEPT    vpn1     lan:192.168.1.2    tcp       25

        /masq
                eth0      192.168.1.2  S.S.S.S        tcp       25

I'm well aware that my setup does not work, and that it's probably flat out 
wrong.   I'm just posting the state it's in right now.  There is no "why" as to 
what I'm doing.  I don't know anymore and am reduced to just changing & trying 
things randomly.

I'd appreciate a hand -- getting this working and understanding what's going on.

What shorewall configs do I need so that `telnet S.S.S.S 25` from the external 
net will get a response from SMTP ?

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users