[ previous ] [ next ] [ threads ]
 
 From:  "Braden McGrath" <braden at mcmail dot homeip dot net>
 To:  "Jeroen Geusebroek" <j dot geusebroek at gmail dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] IPSEC tunnel and multiple subnets
 Date:  Fri, 25 Mar 2005 14:02:11 -0500
I think you need to set the static route on 10.9.1.254, telling it that
all traffic for 192.168.1.0/24 goes through 10.9.1.18.

It's not .2.254's job to route "past" its next peer - if you tell it to
route traffic (via IPSEC) to the other end of the tunnel, the router at
the other end needs to know where to send the traffic for
192.168.1.0/24. 

> -----Original Message-----
> From: Jeroen Geusebroek [mailto:j dot geusebroek at gmail dot com] 
> Sent: Friday, March 25, 2005 7:25 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] IPSEC tunnel and multiple subnets
> 
> I was wondering on how to set up IPSEC when you have more 
> then 1 subnet on one or both sides if the tunnel.
> 
> For example if i have a tunnel from 10.9.1.0/24 TO 
> 10.9.2.0/24 and on the 10.9.1.0/24 side there is a router 
> with a 192.168.1.0/24 subnet behind it.
> 
> So:
> 
> 192.168.1.0/24 <--> 192.168.1.254 <--> 10.9.1.18 <--> 
> 10.9.1.254 <--TUNNEL--> 10.9.2.254 <--> 10.9.2.0/24
> 
> (Hope that is clear, i'm not very good in ascii diagrams ;))
> 
> Is it possible using a standard tunnel to have the 
> 10.9.2.0/24 subnet reach the 192.168.1.0/24 subnet?
> 
> I've tried to set a static route on the 10.9.2.254 m0n0wall to the
> 192.168.1.0/24 subnet using the 10.9.1.18 as gateway adress 
> but that doesn't work. The packet does not reach 10.9.1.18.
> 
> Any suggestions?
> 
> --
> Jeroen
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>