Static NAT, Remote Access VPN and Postfix

Unanswered Question
May 26th, 2008

A client has an 1841 router with two ISPs connected to it and is doing IP SLA for redundancy.

A Linux mail server (Postfix) is NATted to one of the ISP using the following command:

ip nat inside source static tcp 123.4.5.6 25 192.168.9.10 25 extendable

LAN users of Outlook Express does not have any problems getting or sending their mail to the Postfix server.

The router is also a VPN server for mobile users and as far as VPN is concerned, it is working (ie. mobile users are able to ping and access pretty much anything inside the LAN, including pinging the Postfix server). The problem is, they can't get their Outlook Express to connect to the Postfix server (SMTP TCP-25) UNLESS I remove the static NAT entry above. Removing the NAT entry will allow the VPN users' Outlook Express to communicate with the Postfix server. However, without the NAT entry the Postfix server will no longer be able to receive email from the internet.

I'll try to post the config later if it's really necessary.

Am I missing something?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smahbub Fri, 05/30/2008 - 11:23

Can you provide the output of "show tech" command which will be helpful in determinign the chnages to be made in the existing config and resolve the issue.

Actions

This Discussion