WE have been running a BM VPN and firewall configuration for awhile
with no issue.  I have Dynamic NAT configured on my private interface
and had it disabled on the public one.  This server is primarily used
for VPN access.  Now I want to set up a Gwia to send email itself (no
mail proxy) but receive via the proxy.  I have no problem getting it
to use teh proxy both ways.  I can get this working if I enable
dynamic nat on the public interface and disable it on my private, but
that breaks my internal VPN connectivity.

Any suggestions?

lardens@nospam.net wrote:
> WE have been running a BM VPN and firewall configuration for awhile
> with no issue.  I have Dynamic NAT configured on my private
interface
> and had it disabled on the public one.  This server is primarily
used
> for VPN access.  Now I want to set up a Gwia to send email itself
(no
> mail proxy) but receive via the proxy.  I have no problem getting it

> to use teh proxy both ways.  I can get this working if I enable
> dynamic nat on the public interface and disable it on my private,
but
> that breaks my internal VPN connectivity.

The dynamic NAT on the private interface trick is only useful on a 
dedicated VPN server, as you are finding out.  Your options as I see
it are

- recfonfigure your internal hosts that you need accessible from your 

VPN to have a default gateway of the BMgr server.
- setup another server and leave your VPN server alone
- upgrade to 3.8 where you have the option of assigning remote clients
a 
private subnet address

-andy