VPN/PPTP/ip/mail problem

From: Martin Oude Veldhuis (velm_at_eshuis.nl)
Date: 07/29/04 

Date: 28 Jul 2004 23:32:21 -0700

Hi,

I have the following simplified networkconfiguration:

     +-----------------------+
     | home-user |
     | windows (2000/xp) |
     | ip=dy.na.mi.c |
     +-----------------------+
                 |
                 |
                 |
           internetcloud
                 |
                 |
                 |
     +-----------------------+
     | ip eth1=a.b.c.d |
     | company gateway |
     +-----------------------+
      | |
      |ip ppp0=10.0.0.11 |ip eth0=10.0.0.1
      | |
   ------------------------------------------ local network
                 |
                 |
                 |
     +-----------------------+
     | ip=10.0.0.2 |
     | mail/file server |
     +-----------------------+

In the local network there is a mail/fileserver (sendmail, samba) with ip
10.0.0.2.
Also there is a gateway with local ip 10.0.0.1 and on the internetside
ip a.b.c.d
A home user connects through pptp/vpn with a.b.c.d. to the gateway,
and connects to the local network thru the interface ppp0 and gets
ip 10.0.0.11 (the second user 10.0.0.12 and so on)
On the home pc I see with ipconfig the ip address 10.0.0.11 and I can
ping from the fileserver to 10.0.0.11. The user can use the files on
the fileserver with samba.
So far so good.

If U ping from the home pc to the filserver, I can see that it is not
10.0.0.11 who is pingingm but 10.0.0.1 ! And when I check
"smbstatus -uhomeuser" then I see that the user is connected by 10.0.0.1.
Still not a problem the filesharing part works fine.

The problem arises when I try to use mail. I use sendmail (don't even
start...). Every ip-address in our local company network can use sendmail
as smtp server ... except 10.0.0.1 because otherwise I have an open relay.
I filled the sednmail file "relay-domains" with all local ip addresses except
10.0.0.1, so 10.0.0.2 t/m 10.0.0.254.

If the home user wants to mail, sendmail thinks the user is on ip 10.0.0.1 and
refuses the mail because of the relay-domains file. So the use cannot mail!

How can I solve this? I have a simple iptables configuration on the gateway.
Do I have to NAT or something? The are at the most 10 vpn/pptp users with
ip addresses 10.0.0.11 t/m 10.0.0.20.

regards Martin

Relevant Pages

  • Re: sendmail/dns question on AIX 433
    ... i think sendmail might have some smtp routing features, ... >This will relay mail to your corporate SMTP gateway which will do any ... >I use sendmail to communicate between our aix servers and our corporate ...
    (AIX-L)
  • Re: sendmail vs microsoft edge server comparison
    ... Microsoft edge server technologies at the gateway level (on the DMZ) ... but Sendmail Inc. never showed me enough of a reason to pay for their ... honestly advise anyone to pay them for a spam filter, ...
    (comp.mail.sendmail)
  • Re: Configuring router for static IP address on LAN
    ... as long as the IP the DHCP server allocates doesn't ... subnet mask and the default gateway. ... to get _off_ the local network out to the wider world. ... "Computer games don't affect kids; I mean if Pac-Man affected us ...
    (uk.comp.sys.mac)
  • Re: sendmail vs microsoft edge server comparison
    ... Microsoft edge server technologies at the gateway level ... My experience with Sendmail Switch has been less hilarious and pathetic, ... honestly advise anyone to pay them for a spam filter, ...
    (comp.mail.sendmail)
  • Re: Convention User Woas
    ... gateway, they're not able to reach off the LAN either, as most operating ... Where they st00pid enough to not spoof the MAC address as well? ... and might see that the local network is ... with the destination address of 216.239.57.x to the MAC address of the ...
    (comp.dcom.lans.ethernet)