Hello everyone,
I have a really strange issue with our Astaro system.
One of my users is connecting from home using either IPsec VPN (roadwarrior) or SSL. The problem only appears when using IPsec.
He and his wife both have their own machine. They are also both using the company mails server which is behind the firewall. In order to send mail from the outsode, on has either to vPN in or to use the external SMTP connector of Astaro (mail security) and authenticate if he wants to relay. That works just fine. POP and IMAP are forwarded to the internal machine directly.
Now comes the tricky part: as soon as my boss starts his IPSec VPN session, his wife cannot send mail anymore. As soon as he closes the connection, she can send mails again. Again, this only happen with IPSec, not with SSL.
When using tcpdump on the firewall, we can see the SYN packets reaching the server and the server responding, but the ACK never makes it back to the client which eventually gives up after a few retries.
What I THINK is happening is that, since both users have the same external IP address, Astaro someone bugs out and sends the response packet not through the external interface but through the VPN port.
Is this possible ? Is there a fix beyond using the SSL VPN ?
Bonus question: is there an SSL VPN client that will work with Astaro and has... more user-friendly interface ?
Thanks
This thread was automatically locked due to age.