On Apr 7, 2005 9:35 AM, Damian <druiz at rochman dot net> wrote:
> The Ciscos have the function of linking the 10.1.3 and 10.1.4 (two locations
> ahead a mile) and we don't want to touch anything in this equipment. (first
> rule: don't touch if they rules)
> The m0n0s have the function of LAN control of the wifi equipment, and the
> question is because I tried without luck to make a connection between all
> LANs (from laptop in 10.1.1 to fileserver in 10.1.4 and vice versa from
> laptop in 10.1.2 to another fileserver in 10.1.3)
> The primary reason for choosing the tunnel link is to not touch the Ciscos.

Solid reasoning. You should be able to route across though, assuming
everything along the line has all the appropriate routes. (The Ciscos
would need to know about both the networks behind m0n0wall in their
routing tables.) That's probably the easiest thing to do. If you
can't hit one of them from the other side, setting up a VPN tunnel
will be even more frustrating.

Set up firewall rules on the WAN of both m0n0walls to permit ICMP and
ping from one m0n0wall to the other in both directions. If that
doesn't work, your Ciscos are likely missing routes.

Oh, and in this situation you'll likely want to enable advanced
outbound NAT so m0n0wall just routes since you have no need for NAT in