[ previous ] [ next ] [ threads ]
 
 From:  "Braden McGrath" <braden at mcmail dot homeip dot net>
 To:  "Zach Lowry" <zach at zachlowry dot net>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Problem with IPSec routing w/ PPPoE and Routed Block
 Date:  Thu, 24 Mar 2005 20:20:29 -0500
I'm confused here.  You say you get multiple IPs, yet you still have to
login via PPPoE?

I don't have PPPoE here; will m0n0 allow you to self-assign a static IP
on your PPPoE link, or does it have to be dynamic?

If it's dynamic, seems like you're SOL, unless you can get the ISP to
change which IP is handed out to the PPPoE authenticator...

I'm not sure on any of this though, as I don't have multiple IPs on my
m0n0wall's WAN interface.

--Braden 

> -----Original Message-----
> From: Zach Lowry [mailto:zach at zachlowry dot net] 
> Sent: Thursday, March 24, 2005 1:55 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Problem with IPSec routing w/ PPPoE 
> and Routed Block
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> Did I ask a stupid question, or a really good one?
> 
> Zach Lowry wrote:
> | I have a routed block of 5 IPs from my DSL provider, which I access 
> | through a PPPoE Connection. I want my LAN to be NATed behind one of 
> | those IPs, so I have it listed in "Server IPs" and 
> "Advanced Outbound 
> | NAT" enabled. This seems to work fine, causing all traffic from my 
> | local lan to come from that IP.
> |
> | However, now I am trying to set up an IPsec VPN to a Cisco PIX.
> | Apparently, when the racoon daemon sends the authentication 
> packets, 
> | these packets appear to originate from my "dynamic" IP from 
> the PPPoE 
> | connection, not the static IP I have set in Server IPs. The 
> | authentication with the Cisco fails, due to the fact that the 
> | originating IP does not match the IP used for the identity. 
> How can I 
> | get around this?
> 
> - 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
> 
> 
> - --
> Zach Lowry
> MTSU, Murfreesboro, TN
> zach at zachlowry dot net
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.5 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
> 
> iQCVAwUBQkMNA0lgWWUxLyqhAQEGyAP/YZbK6k+tBaG0W1fEvfZpBGEEhRuLvbQR
> lmkpi12lA2/MAL3VUm82iOCGMU6mpSvB6T4BCd+hT2ZlnXPWtw427iPcBJQUZott
> 9oO9Odso2a51A4dUHW2U8DZZ6xHSYdja4uUBsx94mBRjJ7CoQ/20iVaYhy0wxOJZ
> e9TW7X4D/OY=
> =tEf1
> -----END PGP SIGNATURE-----
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>