Problem NET

hi to all
i'm trying to configure a Fedora Core 2 as a router/firewall/mail
gateway/VPN server..

I've installed Fedora 2 and also webmin, shorewall and PoPToP.
I have two network card, one with 10.0.0.253 (internal lan) and one with
x.x.x.186 (plus some virtual adresses to get the 187-188-189-190 public ip
also).
The shorewall is configured to masquerade from eth0 (lan) to eth1 (internet)
as "Network on eth0 except 10.0.0.253"

It seems to let local lan users navigate outside.

Now... i have several problem.
1)I can login to ssh using the lan interface, but not using the internet
one.If i stop the firewall, i get the password prompt, but then my client
stops with a status of "requesting new channel - please wait". If i start
shorewall, even with no rules, and default policy of

local -any - Accept
net -any accept
any - any - reject

i don't even get the pw prompt.

That's one of the problems.

2) Another one is the VPN... i've configured the server as the document
states... and it seems to work. My goal is to replicate the windows xp vpn
server... But when i connect i get an ip with a net mask of 255.255.255.255
and i can ping only the vpn server. Instead, i want that when a client
connect, it can ping all the local net behind the linux (eth0)

3) Last, i've configured winbind and samba via "setup" command line... but i
don't get any windows active directory user to get into the linux box.
I've tried the join domain command by hand, and i don't get any error or
response at all... but there is no machine account in the windows domain
relative to the linux box.

Please help me