[ previous ] [ next ] [ threads ]
 
 From:  "Keith Redfield" <kredfield at airsurfwireless dot com>
 To:  "Danny Puckett" <dpuckett at comresource dot com>, "Danny Puckett" <dpuckett at comresource dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Routing over IPSEC
 Date:  Fri, 28 Jan 2005 12:09:18 -0800
Hi Danny
 
Welcome to the club..;0
 
I just posted a day or so ago with the same problem. The short answer is you need to set up a VPN
for each remote network/subnet you need to reach. I am up to 3...
 
The VPN apparently doesn't really act as a default gateway in the way that I (or you perhaps)
expected - it will only forward packets destined for the remote network which terminnates the VPN 
(hopefully Chris will chime in if I'm getting this wrong). 
 
The good news is that the VPN local subnet doesn't have to be resident on m0n0 so long as m0n0 has a
route to that subnet.
 
Hope this helps.
 
Cheers,
 
-Keith

________________________________

From: Danny Puckett [mailto:dpuckett at comresource dot com]
Sent: Fri 1/28/2005 11:18 AM
To: Danny Puckett; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Routing over IPSEC



That should read 192.168.3.0 to 192.168.100.0  Sorry

> -----Original Message-----
> From: Danny Puckett [mailto:dpuckett at comresource dot com]
> Sent: Friday, January 28, 2005 2:07 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Routing over IPSEC
>
> I have a config as show below.  I have an IPSEC tunnel
> From m0n0wall1 to m0n0wall2.  The 192.168.2.0 and the 192.168.3.0
> Networks can see each other.  How do I enable the 192.168.3.0 and
> 192.168.200.0 networks see each other.  There does not seem to be
> A way to add a static route for that subnet to route across the tunnel
>
>
>          -----------                        -----------
>         |           |                      |           |
>         | m0n0wall1 |INETIP1--------INETIP2| m0n0wall2 |
>         |           |                      |           |
>          -----------                        -----------
>          192.168.2.1                        192.168.3.1
>               |                                   |
>               |                                   |
>               |                                   |
>               |
>          192.168.2.2                        192.168.3.x
>          -----------
>         |           |
>         |  ISA2004  |
>         |           |
>          -----------
>        192.168.100.254
>               |
>               |
>               |
>         192.168.100.1
>          -----------
>         |           |
>         |  W2K3DNS  |
>         |           |
>          -----------