[ previous ] [ next ] [ threads ]
 
 From:  Steven Shatz <steven underscore shatz at yahoo dot com>
 To:  Greg Miller <gmiller at mainstaydata dot com>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] Routing across different subnets and m0n0wall devices
 Date:  Tue, 20 Sep 2005 16:54:40 -0700 (PDT)
Greg,

The encryption is an overhead that, for this
situation, is not necessary to the end applications. 
I attempted to use the gif pseudo-device, but this has
not worked.    I've done a simple:

ifconfig gif0 create
ifconfig gif0 tunnel 192.168.1.197 192.168.1.198 up 
ifconfig gif0 192.168.3.1 192.168.2.1 netmask
255.255.0.0 up

And vice-versa for the other side.  I am still not
able to ping between the devices.  Have I forgotten
something for these IP tunnels, or is there a conflict
with a firewall that is currently set to pass all
through the WAN?

Thanks for your help
Steven

--- Greg Miller <gmiller at mainstaydata dot com> wrote:

> Sounds like an IPSEC tunnel would work best for
> this.  They are easy to
> setup and it deals with routing traffic from net A
> to net B and vice-versa
> 
> --
> Greg Miller
> www.mainstaydata.com
> o. 616.855.2559
> c. 616.890.7813
> f.  616.777.0504
> 
> -----Original Message-----
> From: Steven Shatz [mailto:steven underscore shatz at yahoo dot com] 
> Sent: Tuesday, September 20, 2005 2:01 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Routing across different subnets
> and m0n0wall devices
> 
> Hello all,
> 
> I have a question as to whether anyone has set up
> routing between m0n0wall devices such that clients
> on
> either m0n0wall device can access clients on the
> other
> m0n0wall device, with each m0n0wall device having
> different subnets.
> 
> My desired configuration is two m0n0wall devices:
> 
> m0n0wallA
> LAN:  192.168.2.1 (serves clients 192.168.2.0/24 via
> DHCP)
> WAN:  192.168.1.198
> 
> m0n0wallB:
> LAN:  192.168.3.1 (serves clients 192.168.3.0/24 via
> DHCP)
> WAN:  192.168.1.197
> 
> ClientA: (located under m0n0wallA)
> 192.168.2.199
> 
> ClientB:  (located under m0n0wallB)
> 192.168.3.199
> 
> 
> Now, is there any way that Client B can reach Client
> A, or vice-versa?  
> 
> I tried using static routes in the kernel by adding
> routes from the m0n0wallA to m0n0wallB's WAN (route
> add 192.168.3.0 -netmask 255.255.255.0
> 192.168.1.197)
> with no success.  The traceroutes terminate at
> 192.168.1.197 and don't continue routing down into
> the
> subnet 192.168.3.0/24.
> 
> I tried using proxy ARP and server-NAT to expose the
> subnets, but by the time the ARPs reach the
> 192.168.1.1 subnet, ARPs aren't triggered and are
> sent
> on their way to the next router specified by
> "default".
> 
> Are there any ideas as to what I may be missing or
> how
> I can address this issue?
> 
> Thanks
> Steven
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam
> protection around 
> http://mail.yahoo.com 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail:
> m0n0wall dash help at lists dot m0n0 dot ch
> 
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail:
> m0n0wall dash help at lists dot m0n0 dot ch
> 
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com