[ previous ] [ next ] [ threads ]
 
 From:  Vincent Fleuranceau <vincent at bikost dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] m0n0 <==> m0n0 IPSEC VPN - diagnosing
 Date:  Sat, 22 Jan 2005 12:21:39 +0100
> I'm an idiot but here's the answer for posterity. Remote site hosts
> all use a different default GW than the m0n0 itself. When I added a
> static route on a host on the remote pointing to it's m0n0 as the GW
> for my net, pings went across fine. Coupla static routes and I'm home
> free.
> 

Yes, we always think of traffic being blocked by firewall rules whereas 
it's often simply a routing issue...

If you don't want to add a static route on each host, try to set the 
static route only on their default gateway and icmp-redirect (if well 
implemented) should do the job for you.

See: http://support.microsoft.com/kb/195686/EN-US/

Cheers,

-- Vincent