[ previous ] [ next ] [ threads ]
 From:  "Peter Curran" <lists at closeconsultants dot com>
 To:  "Vincent Fleuranceau" <vincent at bikost dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] VPN possibilities
 Date:  Wed, 3 Nov 2004 12:31:03 -0500
This will work with OpenVPN in 1.2beta2 and has been tested quite a bit (in
fact it almost describes my test environment).

Use the setup for the Road Warrior scenario from

You need to think about whether you want 'all' your traffic to go via the
tunnel or not (this is technically 'split routing' and is controlled by the
'redirect-gateway' option).  I suggest that you have 'redirect-gateway' on
but not the 'local' option.  This means that traffic on your LAN will not go
via the tunnel, but will do so when you leave the office.

Also, don't forget that you will need a firewall rule to allow inbound
UDP/5000 from the WAN interface so that you can use it outside.

Try it and let me know.


> > Hi!
> >
> > I'd like to make my portable pc a little more portable ;-)
> >
> > Mostly it's connected directly to my lan, but I'd like to be able to get
> > out and connect home via VPN from my own WLAN or from anywhere via the
> > net.
> >
> > But I'd like to do this transparently, so I's like always to make a VPN
> > connection to my monowall - also when connected to my LAN.
> >
> > I havent played with VPN yet, but has followed the discusions a little.
> > Anyone that has tips on what to use?
> > In any case the solution has to automaticaly cope with NAT and other
> > stuff, so I just has to plug-and-play the portable pc
> The problem is that you won't always seat on the same 'side' of the
> router: sometimes on the WAN side, sometimes on the LAN side...
> I don't know if it's a real problem, but I guess IPsec won't like
> this... OpenVPN (if binding all interfaces) may work -- not tested.
> -- Vincent

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.