Re: [m0n0wall] m0n0 VPN static routing problem

From:	Chris Buechler <cbuechler at gmail dot com>
To:	Keith Redfield <kredfield at airsurfwireless dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] m0n0 VPN static routing problem
Date:	Thu, 27 Jan 2005 11:50:49 -0500

On Wed, 26 Jan 2005 21:09:18 -0800, Keith Redfield
<kredfield at airsurfwireless dot com> wrote:
> Hi folks,
> 
> Having problems with static routes across a VPN [which I'm new at] as follows:
> 
> Stub Net---------------- MonoA===/VPN/=== MonoB----------Cisco
10.100.100.1---------10.100.100.111(RADIUS)
> 10.0.10.252[vlan2]    10.0.10.1                 10.0.1.55[vlan1]              10.0.1.1
> 
> The IP addresses for the Monos are the endpoints for the VPN. The VPN is up and a host from the
stub can access the GUI for both A & B
>
> MonoA is the default route for stub hosts i.e. 10.0.10.252.
> 
> MonoA has a static route for 10.100.100.0/24 pointing to MonoB.
> 
> Cisco has a static route for 10.0.10.0/24 pointing to MonoB
> 

You can't just throw in static routes because traffic to 10.100.100.x
won't be seen as needing to go through the tunnel.  You can create a
second IPsec connection between the two m0n0walls for the 10.100.100.x
net and that should work.

-Chris