[ previous ] [ next ] [ threads ]
 
 From:  Steven Shatz <steven underscore shatz at yahoo dot com>
 To:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Routing across different subnets and m0n0wall devices
 Date:  Tue, 20 Sep 2005 18:29:40 -0700 (PDT)
Yes.  I can actually ping from the clientA to
m0n0wallB because the address differences between the
m0n0wall level and client levels triggers an ARP.

The odd thing is that using ethereal, I don't think
I'm seeing any packets related to the gif0 interface
flowing back and forth.

Correct me if I'm wrong, but I think that on the
client level, the ARP generated will be picked up by
the gif0 interface which somehow transmits the ARP,
through a tunnel on the m0n0wall layer, to the clientB
network.  In theory, I should be seeing this ARP in
the air, no?

This is why I think maybe I'm setting the tunnel up
incorrectly.

Any ideas?  thanks
Steven

--- "Christopher M. Iarocci" <iarocci at eastendsc dot com>
wrote:

> This might sound trivial, but did you uncheck the
> "Block private 
> networks" under the Interfaces->Wan section?
> 
> Chris
> 
> 
> Steven Shatz wrote:
> 
> >Hello all,
> >
> >I have a question as to whether anyone has set up
> >routing between m0n0wall devices such that clients
> on
> >either m0n0wall device can access clients on the
> other
> >m0n0wall device, with each m0n0wall device having
> >different subnets.
> >
> >My desired configuration is two m0n0wall devices:
> >
> >m0n0wallA
> >LAN:  192.168.2.1 (serves clients 192.168.2.0/24
> via
> >DHCP)
> >WAN:  192.168.1.198
> >
> >m0n0wallB:
> >LAN:  192.168.3.1 (serves clients 192.168.3.0/24
> via
> >DHCP)
> >WAN:  192.168.1.197
> >
> >ClientA: (located under m0n0wallA)
> >192.168.2.199
> >
> >ClientB:  (located under m0n0wallB)
> >192.168.3.199
> >
> >
> >Now, is there any way that Client B can reach
> Client
> >A, or vice-versa?  
> >
> >I tried using static routes in the kernel by adding
> >routes from the m0n0wallA to m0n0wallB's WAN (route
> >add 192.168.3.0 -netmask 255.255.255.0
> 192.168.1.197)
> >with no success.  The traceroutes terminate at
> >192.168.1.197 and don't continue routing down into
> the
> >subnet 192.168.3.0/24.
> >
> >I tried using proxy ARP and server-NAT to expose
> the
> >subnets, but by the time the ARPs reach the
> >192.168.1.1 subnet, ARPs aren't triggered and are
> sent
> >on their way to the next router specified by
> >"default".
> >
> >Are there any ideas as to what I may be missing or
> how
> >I can address this issue?
> >
> >Thanks
> >Steven
> >
> >__________________________________________________
> >Do You Yahoo!?
> >Tired of spam?  Yahoo! Mail has the best spam
> protection around 
> >http://mail.yahoo.com 
> >
>
>---------------------------------------------------------------------
> >To unsubscribe, e-mail:
> m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> >For additional commands, e-mail:
> m0n0wall dash help at lists dot m0n0 dot ch
> >
> >  
> >
> 
> 



		
__________________________________ 
Yahoo! Mail - PC Magazine Editors' Choice 2005 
http://mail.yahoo.com