A client has an 1841 router with two ISPs connected to it and is doing IP SLA for redundancy.
A Linux mail server (Postfix) is NATted to one of the ISP using the following command:
ip nat inside source static tcp 188.8.131.52 25 192.168.9.10 25 extendable
LAN users of Outlook Express does not have any problems getting or sending their mail to the Postfix server.
The router is also a VPN server for mobile users and as far as VPN is concerned, it is working (ie. mobile users are able to ping and access pretty much anything inside the LAN, including pinging the Postfix server). The problem is, they can't get their Outlook Express to connect to the Postfix server (SMTP TCP-25) UNLESS I remove the static NAT entry above. Removing the NAT entry will allow the VPN users' Outlook Express to communicate with the Postfix server. However, without the NAT entry the Postfix server will no longer be able to receive email from the internet.
I'll try to post the config later if it's really necessary.
Am I missing something?