This is probably a pretty basic question, but after struggling for the past few days I think it's time to break down and ask for some help!
We have a Mandrake MNF server with 3 nics protecting our network, with a Sendmail server in the DMZ. Recently, I've been trying to set up the MNF system as a VPN server, but I don't believe our current configurations support it. A breakdown of the firewall system:
eth0 - 172.20.0.100 (LAN)
eth1 - 126.96.36.1999 (WAN)
eth2 - 172.20.1.100 (DMZ)
There is one Sendmail server in the DMZ, 172.20.1.3. There is a static NAT connecting that server to the WAN. I believe this is what is causing the problem for the VPN (FreeSwan)... It sees eth1 and eth2 sharing the WAN IP, and will not start because of that.
My biggest confusion is the purpose of static NAT and whether it is necessary. From what I understand, the static NAT tricks external machines into thinking the sendmail server is connected directly to the net via the WAN's IP address.
Is it possible to remove the static NAT and only use port forwarding? Do we need a second external IP address dedicated to the VPN? I'd like to know if this can even work with our current setup and the basic steps I need to take before venturing any further. I'm not new to linux, but I'm definitely not proficient... most of these systems work because of help from howto's and lots of trial and error!
Thanks in advance for any advice!