RE: [m0n0wall] Is this possible with m0n0wall ?

From:	"James W. McKeand" <james at mckeand dot biz>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] Is this possible with m0n0wall ?
Date:	Tue, 11 Jan 2005 10:39:20 -0500

Pieterjan Heyse wrote:
> Hello guys,
> 
> I have a question about m0n0wall. I want to create this kind of
> network :
> 
> LAN A --- m0n0 --- Wireless A --|--- WirelessB ---- m0n0 --- LAN B
> 
> I am currently testing without the wireless bit so I have this setup
:
> 
> LAN A --- m0n0 --Xcable-- m0n0 --- LAN B
> 
> LAN A : 172.16.10.0/24
> m0n0 on lan A : 172.16.10.253
> WAN ip : 172.31.1.1
> 
> LAN B : 192.168.123.0/24
> m0n0 on lan B : 192.168.123.253
> WAN ip : 172.31.1.2
> 
> I am not able to ping m0n0 B (LAN and WAN side) from LAN A. I am
able
> to ping m0n0 A and WAN A from lan A. Do I need to add some firewall
> rules or routing rules ?

Take a look at establishing an IPSEC VPN between the m0n0walls.
Otherwise you will have to establish static routes *AND* firewall/NAT
rules. Ping is not working because the m0n0walls are blocking ICMP on
the WAN interfaces (actually blocking everything - assuming that you
have not changed the default rules...)

Once you go wireless for your WAN interface you will want *SOME*
security between the m0n0s - IPSEC VPN will do it...

_________________________________
James W. McKeand