[ previous ] [ next ] [ threads ]
 From:  Peter Allgeyer <allgeyer at web dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Cc:  Frans King <frans dot king at f333 dot net>
 Subject:  RE: [m0n0wall] m0n0wall to cisco vpn
 Date:  Wed, 23 Feb 2005 19:20:44 +0100
Hi Frans!

Am Mittwoch, den 23.02.2005, 17:42 +0000 schrieb Frans King:
> That is a shame. Whoever set the cisco end up has disabled support for
> excluding my local lan subnet from the vpn tunnel so I have a choice of
> connecting to the vpn and only the vpn or connecting to my lan.

Not with m0n0wall (so far). Go out and buy a small cisco pix 501 (about
EUR 300,- on eBay) or set up an old machine as router with vpnc
installed. You can use any supported platform supported by vpnc for this
(eg. Linux, Free-, Net-, OpenBSD, Solaris, ...). Vpnc will establish the
ipsec tunnel to the concentrator and is able to route your whole
network. Be aware that so far no certificates are supported and no
rekeying is being made (the connection will time out 8h at the latest).
As of knoppix 3.4 vpnc should be inside, so you can test it at very
little cost.
> I was hoping I could find a way round this with m0n0wall.
Maybe in future, if I've solved the problems with getting vpnc working
on m0n0wall.

Ciao ...
	... PIT ...

 copyleft(c) by |   _-_     Yes I have a Machintosh, please don't scream
 Peter Allgeyer | 0(o_o)0   at me.  -- Larry Blumette on linux-kernel