I've searched until 50-60 tabs were open and tried everything on each. I'm lost on this.
In the attached picture everything is working except for the inbound traffic on three ports from the local-wan connection. All outbound traffic is being nat'd out the vpn just fine and is going very fast. I've even got a few routes setup to route nntp and WoW(Game) out the local interface instead of the VPN. All very nice. But Since installing Microtik/RouterOS I've been unable to get any packets to route inbound as desired. I've previously configured a Buffalo, Linksys, and ISA servers all with relative ease so I know I'm not crazy...
I'm not including current nat/firewall rules on purpose as it's a mess of rules (mostly disabled) from attempts to route the ports. With exception to vpn default routes the disabled rules mean router is mostly default. I've tried just about every method to NAT traffic from sfp1-gateway not from 192.168.11.0/24 on port 25 to 192.168.11.35 (Exchange Server). I've even setup up rules to output log before accepting and dst-nating the traffic. The packet counts go up and the log shows data entering the router. But the server never sees it. My only conclusion at this point is that the PPTP vpn connection may be adding extra bolts needing turning to make this work, but I'm unsure.
Question 1: Can the VPN connection cause odd interactions with NAT rules using dst-net to forward inbound port 25 to a local machine and allowing the returning traffic to be ack'd.
2: On a clean router OS install, what filter/nat/mangle rules are needed to route (and allow return) of traffic on port 25 to an internal IP.
3: (unrelated) What rules should be in place to continue to allow outbound masquarading of traffic over the vpn without allowing un-established inbound connections from the VPN. This is just to ensure vypervpn services aren't attempting connection without permission.
4: Without using Routes (by ip), can traffic be routed out specific interfaces based on port/protocol? (Considering the vpn connection, etc..)
I know this is a lot but I'm almost burnt out from reading and trying and reading and trying and reading and trying...
Many thanks in advance.