 
 From:  "Seth Martin" <SethM at turbinegenerator dot com>
 To:  <ejask at aim dot com>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] CORRECTED: Can't Connect A Simple IPSec VPN
 Date:  Wed, 27 Jul 2005 15:25:39 -0400
10.172.1.235 is a private IP address...

-----Original Message-----
From: ejask at aim dot com [mailto:ejask at aim dot com] 
Sent: Wednesday, July 27, 2005 2:28 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] CORRECTED: Can't Connect A Simple IPSec VPN

My last post had some errors in the ip addresses. Here is the corrected 
 
 
I am having trouble connecting two monowall firewalls through an IPSec vpn
tunnel. I want to create a network between 4 computers located at two
different sites. There are only 2 computers located at each site and all
have static ip addresses. The monowall wan addresses use a dhcp server to
obtain an ip, but it obtains the same ip address every time.

Here are my lan setups

Computer 1: 192.168.100.101     Computer 2: 192.168.100.102
            \                                                   /
             -------\                            /-------
                        ------\         /------
                        Monowall A Lan: 192.168.100.100
                        Monowall A Wan: 10.172.1.235
                                       |
                                  Internet
                                       |
                        Monowall B Wan: 12.147.205.62
                         Monowall B Lan: 192.168.200.100
                        ------/         \------
             -------/                            \-------
            /                                                   \
Computer 1: 192.168.200.101     Computer 2: 192.168.200.102

Here are the configurations I used in the VPN: IPsec: Edit Tunnel Screen

Monowall A: Interface: WAN
                 Local Subnet: LAN Subnet
                 Remote Subnet: 192.168.200.0/24
                 Remote Gateway: 12.147.205.62
   Phase 1
                 Negotiation Mode: Aggressive
                 My Identifier: My IP Address
                 Encryption Algorithm: 3DES
                 Hash Algorithm: SHA1
                 DH Key Group: 2
                 Authentication Method: Pre-shared key
                 Pre-Shared Key:  "Same Key on Both"
   Phase 2        
                 Protocol: ESP
                 Encryption Algorithms: 3DES
                 Hash Algorithms: SHA1
                 PFS Key Group: off


Monowall B: Interface: WAN
                 Local Subnet: LAN Subnet
                 Remote Subnet: 192.168.100.0/24
                 Remote Gateway: 10.172.1.235
   Phase 1
                 Negotiation Mode: Aggressive
                 My Identifier: My IP Address
                 Encryption Algorithm: 3DES
                 Hash Algorithm: SHA1
                 DH Key Group: 2
                 Authentication Method: Pre-shared key
                 Pre-Shared Key:  "Same Key on Both"
   Phase 2        
                 Protocol: ESP
                 Encryption Algorithms: 3DES
                 Hash Algorithms: SHA1
                 PFS Key Group: off
   
For some reason, I cannot get the two to connect to each other and
Computer 1 in LAN A cannot ping either computer in LAN B and vice versa.

Any Suggestions?

Thanks,

Eric Jaskula
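
Added example (not part of either message, and not m0n0wall code): a small Python check that runs the two tunnel definitions from the post against each other and flags the problem the reply points at, a remote gateway in private (RFC 1918) address space, alongside the usual mirror-image checks. The dictionary layout, the check_pair name and the /24 LAN masks are assumptions made for the example.

```python
import ipaddress

# Values transcribed from the post. The /24 LAN masks are an assumption:
# the post only says "LAN Subnet" for the local side.
PROPOSAL = {"p1": ("aggressive", "3DES", "SHA1", 2),
            "p2": ("ESP", "3DES", "SHA1", None)}
MONOWALL_A = {"wan": "10.172.1.235", "local": "192.168.100.0/24",
              "remote": "192.168.200.0/24", "gateway": "12.147.205.62", **PROPOSAL}
MONOWALL_B = {"wan": "12.147.205.62", "local": "192.168.200.0/24",
              "remote": "192.168.100.0/24", "gateway": "10.172.1.235", **PROPOSAL}


def check_pair(a, b):
    """Return findings for two tunnel definitions that should mirror each other."""
    findings = []
    for name, local, peer in (("A", a, b), ("B", b, a)):
        gateway = ipaddress.ip_address(local["gateway"])
        # 10/8, 172.16/12 and 192.168/16 are not routed on the public Internet.
        if gateway.is_private:
            findings.append(f"{name}: remote gateway {gateway} is a private "
                            "address and is not routable across the Internet")
        if gateway != ipaddress.ip_address(peer["wan"]):
            findings.append(f"{name}: remote gateway {gateway} is not the "
                            f"peer's WAN address {peer['wan']}")
        if ipaddress.ip_network(local["remote"]) != ipaddress.ip_network(peer["local"]):
            findings.append(f"{name}: remote subnet {local['remote']} does not "
                            f"match the peer's local subnet {peer['local']}")
    # Phase 1 and phase 2 proposals must be identical on both ends.
    for phase in ("p1", "p2"):
        if a[phase] != b[phase]:
            findings.append(f"{phase}: proposals differ: {a[phase]} vs {b[phase]}")
    if ipaddress.ip_network(a["local"]).overlaps(ipaddress.ip_network(b["local"])):
        findings.append("local subnets overlap, so traffic cannot be routed into the tunnel")
    return findings


if __name__ == "__main__":
    for finding in check_pair(MONOWALL_A, MONOWALL_B):
        print(finding)
```

On the posted settings the subnets and proposals mirror each other correctly, so the only finding is the one for Monowall B's remote gateway.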