Imagine this:
- SME Server 8.0 with all current updates in server and gateway mode.
- External pptp session established and working from the CLI
- IP routes have been established for some specific external hosts to be reached via ppp1 instead of ppp0. Pings and traceroutes from the server CLI confirm that it's good.
- Squid generates requests on the server, so internal clients get correct web behaviour, ie, it works well for clients in the browser
- For traffic squid can't handle, or if squid is turned off, packets leave with the original internal IP address intact
- In these cases, remote hosts can't respond, assuming such a silly packet even arrives.
Can anyone think of an elegant way to keep the NAT included in all this, other than manually setting up a new set of NAT rules in iptables?
Thanks for your time everyone!