 
 From:  "Keith Redfield" <kredfield at airsurfwireless dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Routing over IPSEC
 Date:  Sat, 29 Jan 2005 14:17:04 -0800
Further to this... with the OpenVPN client-server, is this issue resolved? - i.e. we can create
m0n0<->m0n0 tunnels which support routing protocols? Has anyone tried?
 
Thanks,
 
-Keith

________________________________

From: Keith Redfield [mailto:kredfield at airsurfwireless dot com]
Sent: Fri 1/28/2005 12:09 PM
To: Danny Puckett; Danny Puckett; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Routing over IPSEC



Hi Danny

Welcome to the club..;0

I just posted a day or so ago with the same problem. The short answer is you need to set up a VPN
for each remote network/subnet you need to reach. I am up to 3...

The VPN apparently doesn't really act as a default gateway in the way that I (or you perhaps)
expected - it will only forward packets destined for the remote network which terminates the VPN
(hopefully Chris will chime in if I'm getting this wrong).

The good news is that the VPN local subnet doesn't have to be resident on m0n0 so long as m0n0 has a
route to that subnet.

Hope this helps.

Cheers,

-Keith

________________________________

From: Danny Puckett [mailto:dpuckett at comresource dot com]
Sent: Fri 1/28/2005 11:18 AM
To: Danny Puckett; m0n0wall at lists dot m0n0 dot ch
Subject: RE: [m0n0wall] Routing over IPSEC



That should read 192.168.3.0 to 192.168.100.0  Sorry

> -----Original Message-----
> From: Danny Puckett [mailto:dpuckett at comresource dot com]
> Sent: Friday, January 28, 2005 2:07 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Routing over IPSEC
>
> I have a config as shown below.  I have an IPSEC tunnel
> from m0n0wall1 to m0n0wall2.  The 192.168.2.0 and the 192.168.3.0
> networks can see each other.  How do I enable the 192.168.3.0 and
> 192.168.200.0 networks to see each other?  There does not seem to be
> a way to add a static route for that subnet to route across the tunnel.
>
>
>          -----------                        -----------
>         |           |                      |           |
>         | m0n0wall1 |INETIP1--------INETIP2| m0n0wall2 |
>         |           |                      |           |
>          -----------                        -----------
>          192.168.2.1                        192.168.3.1
>               |                                   |
>               |                                   |
>               |                                   |
>               |
>          192.168.2.2                        192.168.3.x
>          -----------
>         |           |
>         |  ISA2004  |
>         |           |
>          -----------
>        192.168.100.254
>               |
>               |
>               |
>         192.168.100.1
>          -----------
>         |           |
>         |  W2K3DNS  |
>         |           |
>          -----------
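
Added example, not part of the original thread: a small Python model of the behaviour described in Keith's reply, where a tunnel only carries packets whose source and destination fall inside its local/remote subnet pair, so each extra remote subnet needs its own tunnel definition. The /24 masks, the host 192.168.3.10 and all function and variable names are assumptions made for illustration.

```python
import ipaddress
from itertools import product

# Assumption: all networks in the thread are /24 (the posts give no masks).
LAN1 = ipaddress.ip_network("192.168.2.0/24")       # behind m0n0wall1
LAN2 = ipaddress.ip_network("192.168.3.0/24")       # behind m0n0wall2
ISA_LAN = ipaddress.ip_network("192.168.100.0/24")  # behind ISA2004

def tunnel_for(src, dst, tunnels):
    """Return the (local, remote) pair that would carry src -> dst, or None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for local, remote in tunnels:
        if s in local and d in remote:
            return (local, remote)
    return None  # no selector matches: the packet is not sent into any tunnel

def required_tunnels(local_nets, remote_nets):
    """One tunnel definition per local/remote subnet pair."""
    return list(product(local_nets, remote_nets))

# Tunnel list on m0n0wall2 as in the original post: one pair only.
M2_ORIGINAL = [(LAN2, LAN1)]
# After adding a second tunnel for the subnet behind ISA2004.
M2_FIXED = required_tunnels([LAN2], [LAN1, ISA_LAN])
# Matching definitions on m0n0wall1 (local and remote swapped).
M1_FIXED = [(remote, local) for local, remote in M2_FIXED]

if __name__ == "__main__":
    flows = [("192.168.3.10", "192.168.2.2"),    # LAN2 host -> ISA2004
             ("192.168.3.10", "192.168.100.1")]  # LAN2 host -> W2K3DNS
    for name, tunnels in (("original", M2_ORIGINAL), ("fixed", M2_FIXED)):
        for src, dst in flows:
            print(name, src, "->", dst, ":", tunnel_for(src, dst, tunnels))
```

The second pair on m0n0wall1 uses 192.168.100.0/24 as its local subnet even though that network sits behind ISA2004, which matches the note in the thread that the local subnet need not be resident on m0n0 as long as m0n0 has a route to it.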