Hello, I have the tunnels running and it's OK. I made some changes to my original schema. I have turned on the 'advanced nat' setting in order to (I think) deactivate NAT on the WAN. I replaced the LAN interfaces with WAN interfaces (as Chris hinted) and set the WAN GW to the Ciscos' IPs. I set up three tunnels as stated in the IPsec chapter of the m0n0 docbook, and changed the tunnels' endpoint to WAN.

Now, I can access any host in any network between all the hosts, and can filter the traffic between networks with the fw rules.

Thanks guys!!

> Laptop (10.1.1.x/24 via dhcp on m0n01)
> |
> ap1
> |
> |opt1 (10.1.1.0/24)
> M0n01
> |WAN (10.1.3.0/24)
> |
> cisco router 1
> |
> |pointtopoint line
> |
> cisco router 2
> |
> |WAN (10.1.4.0/24)
> M0n02
> |opt1 (10.1.2.0/24)
> |
> ap2
> |
> Laptop (10.1.2.x/24 via dhcp on m0n02)