[ previous ] [ next ] [ threads ]
 
 From:  "Adam Wilks" <adam dot wilks at weymouthwireless dot co dot uk>
 To:  "Monowall Mailing List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] IPSec Tunnel to 128.0.0.0
 Date:  Sun, 9 Jan 2005 19:35:00 -0000
Peter,

> What are you trying to achieve with 128/1 ??  

Originally I used 192.168.100.0/24 and 192.168.0.0/24 as the tunnel
endpoints which makes sense right? This worked well and provided a
tunnel between the LAN's which allowed hosts on each subnet to ping each
other.

The problem is that hosts on the 192.168.0.0/24 subnet were unable to
connect to the internet. So after some searching on the lists I found
some reference to the 128.0.0.0/1 subnet that would apparently route not
only 192.168.100.X destined packets over the tunnel but also any other
traffic not found on the local network. Hope that makes sense.

So 128/1 seems to be necessary to give internet access to clients on the
192.168.0.0 network. I've been messing with routes all day and this is
the only method that has worked for me.


Adam.

-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.6.9 - Release Date: 06/01/2005