 From:  Peter Curran <lists at closeconsultants dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] broadcast over VPN
 Date:  Wed, 5 Jan 2005 10:07:42 +0000
This is becoming a bit of a FAQ....

You cannot forward broadcasts (or multicasts) across an IPsec VPN.  The reason 
for this is that traffic is selected to be placed into the tunnel based on 
its destination address.  A broadcast application is typically sending 
packets to 255.255.255.255, and this is not going to be configured as a 
destination for an IPsec tunnel.  (Well you could do, but there is no way of 
persuading the BSD routing function to forward to this address, so IPsec 
would never get the chance to select the traffic). 

The link you give is to a very dodgy kludge based around PPTP - this type of 
thing is unlikely to be supported by m0n0wall.

It is possible to do what you want with OpenVPN, using TAP tunnels and 
bridging.  I am about to release a new test version of the OpenVPN code that 
supports bridging (in a limited way but sufficient for your requirements).  I 
will write a document describing how to achieve your objective to go with 
this new test release.

Peter

On Wednesday 05 January 2005 04:54, Jared wrote:
> Is there any way to configure m0n0wall to forward broadcast packets across
> a VPN? I found an interesting article on how to do it with one type of
> FreeBSD router, but it's a little beyond me.  I've got a couple of
> locations linked with an IPsec tunnel using m0n0wall and it works great, I'd
> just like to be able to get broadcast packets from one place to the other.
>
>
>
> http://www.bsdnews.org/01/game_vpn.php


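The two-stage reasoning in the reply above, as an added example that is not part of the original thread or of m0n0wall's code: a simplified model in which the router first decides whether a packet may be forwarded off the LAN, and only forwarded packets are matched against the IPsec policy selectors. The subnets, policy names and function names are constructed for illustration.

```python
import ipaddress
from typing import List, NamedTuple

class Policy(NamedTuple):
    src: ipaddress.IPv4Network   # local selector
    dst: ipaddress.IPv4Network   # remote selector
    name: str

LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")
LOCAL_NET = ipaddress.ip_network("192.168.1.0/24")   # constructed: site A LAN

# Constructed policy database: site A LAN to site B LAN.
SPD = [Policy(LOCAL_NET, ipaddress.ip_network("192.168.2.0/24"), "siteA-siteB")]

# The "well you could do" case: a selector for the broadcast address itself.
SPD_WITH_BCAST = SPD + [
    Policy(LOCAL_NET, ipaddress.ip_network("255.255.255.255/32"), "bcast")
]

def forwardable(dst: ipaddress.IPv4Address) -> bool:
    """Stage 1: would the router forward this packet off the LAN at all?"""
    if dst == LIMITED_BROADCAST or dst == LOCAL_NET.broadcast_address:
        return False              # link-scoped broadcast, never routed
    if dst.is_multicast:
        return False              # assumes no multicast routing is running
    return dst not in LOCAL_NET   # on-link unicast is delivered, not forwarded

def decide(src: str, dst: str, spd: List[Policy]) -> str:
    """Stage 2 (IPsec selection) only sees packets that passed stage 1."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    if not forwardable(d):
        return "not forwarded"
    for p in spd:
        if s in p.src and d in p.dst:
            return "tunnel:" + p.name
    return "no policy"

if __name__ == "__main__":
    for dst in ("192.168.2.20", "255.255.255.255", "239.255.255.250"):
        print(dst, decide("192.168.1.10", dst, SPD),
              decide("192.168.1.10", dst, SPD_WITH_BCAST))
```

Adding the broadcast selector changes nothing in the output, because the packet is discarded before the policy lookup runs.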