On 5/24/05, Carlo Landmeter <clandmeter at gmail dot com> wrote:
> I have tried using the Cisco to Cisco vpn tunnel and windows 2003 vpn
> client to connect to another m0n0wall without success.
> If anyone can help me/give advice to analyse the traffic that would be nice.
> Attached you will find my config which I discussed in my previous mail.

Config certainly looks correct for a routed subnet.
You implied but did not directly state that you have tested accessing
(from a remote network) some tcp based service on the vpn machine.
Was your vpn client on the same network when you successfully tested
the pptp server on the router that you were when you made the failed
tests to vpn servers in your DMZ? Some PNAT implementations have code
to allow a single GRE tunnel to traverse them. Others do not.
You could add logging pass rules in each direction for GRE packets to
the router to verify that they are going through (before the default
Beyond that, I suggest you investigate the logs of your vpn client and