 From:  "Neil Schneider" <pacneil at linuxgeek dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  ipsec over wireless route
 Date:  Thu, 18 Dec 2003 16:12:16 -0800 (PST)
Well, being courteous and giving props to Manuel got me zero answers. Maybe
I should get nasty and curse! :) I hope I get some response this time,
that at least indicates my mail is going out. Even if it's to tell me what
a stupid idiot I am. :)

I'm trying to configure a wireless connection to carry ipsec. I have two
Soekris N4501 with Netgate EL-2511MP PLUS Mini PCI cards. I know they're
communicating and I have successfully set up routing and had everything
working between them. Now I try to implement ipsec.

I'll call the two machines "Hub" and "Satellite" for simplicity. Satellite
has only a wireless connection, which is going to route through Hub. From
looking at the logs and messing with the configuration it seems that Hub
wants to find Satellite's route through its default route instead of the
wireless interface. This confuses me because the "netstat -rn" shows that
Hub has a route to Satellite. Why would it want to set up its tunnel
through the default route when Satellite's route is known? Is there some
built-in assumption that all tunnels will go through the default route, or
is there an option I'm missing?

Here's a crude ASCII drawing:

                           Hub           Satellite
                           |_|---- WLAN ----|_|
                           / \                \
                          /   \                \
                         LAN  WAN               LAN

Neil Schneider                              pacneil_at_linuxgeek_dot_net
Key fingerprint = 67F0 E493 FCC0 0A8C 769B  8209 32D7 1DB1 8460 C47D

Clothes make the man. Naked people have little or no influence on society.
-- Mark Twain