[ previous ] [ next ] [ threads ]
 
 From:  "Philippe Lang" <philippe dot lang at attiksystem dot ch>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  VPN configuration & NAT
 Date:  Fri, 26 Aug 2005 11:38:26 +0200 
Hi,

I'm trying to replace my actual Lightning firewall with a Soekris 4801
(m0n0wall 1.11), and I have a small problem:

My network is 10.0.0.0/8, and the remote network is 172.26.26.0/24.

The problem is that the remote network already has a VPN with another
10.0.0.0/8 network.

My solution with the Lightning was to map my 10.0.0.0/8 to the
172.31.1.0/24 network, and create a VPN between 172.26.26.0/24 and
172.31.1.0/24 networks, with a "mapto/source" and a "mapto/destination"
on my Lightning, like:

Source           Destination       Cmd     Translation    Type
----------------------------------------------------------------
10.0.0.111/32    172.26.26.0/24    mapto   172.31.1.111   Source
172.26.26.0/24   172.31.1.111/32   mapto   10.0.0.111     Destination

This permits 10.0.0.111 to access the 172.26.26.0/24 network without
interfering with the other 10.0.0.0/8 network.


What would be the equivalent setting on the M0n0wall? I have tried
playing with the NAT 1:1, but I couldn't make it work. Do you have an
idea?


By the way, thanks for the M0n0wall, this is a great tool...


----------------------------------
Philippe Lang
Attik System
rte de la Fonderie 2
1700 Fribourg
Switzerland
http://www.attiksystem.ch

Tel:   +41 (26) 422 13 75 
Fax:   +41 (26) 422 13 76
GSM:   +41 (79) 351 49 94
Email: philippe dot lang at attiksystem dot ch
Skype: philippe.lang