After some tweaking and reading around, I found the problem. Adding a static route on the interface
LAN with the remote network and the local mono IP was the solution to get this working.
- Bernhard
> -----Original Message-----
> From: Bernhard Werner [mailto:b dot werner at reidl dot de]
> Sent: Monday, September 26, 2005 12:08 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] PPTP remote radius problem
>
> Hi,
>
> We are actually using three WRAP m0n0 installations for site-to-site
> connections over ADSL. Recently we were trying to set up a PPTP server
> on each site while using only one centralized radius server.
>
> Currently we are using
>
> 192.168.100.0/24 Main Site
> 192.168.101.0/24 Remote Site 1
> 192.168.255.0/24 Remote Site 2
>
> as site subnets, while the .100. network has a static WAN IP address
> and terminates the IPSEC connection from the remote sites. The problem
> we discover now is that we cannot use the radius server in the
> 192.168.100.0 network for authentication, because it seems that the
> remote monowalls try to connect to it using their WAN interface.
>
> Doing a traceroute at each site using a 192.168.100.0 destination
> address shows that the monowall is trying to access these IPs over its
> WAN interface. On the other hand all the IPSEC connections are working
> perfectly and the connection is working like a charm between the
> sites.
>
> Output from the .101. monowall...
> traceroute to 192.168.100.253 (192.168.100.253), 18 hops max, 44 byte
> packets
> 1 6.189.broadband3.iol.cz (85.70.189.6) 93.406 ms 314.178 ms
> 482.837 ms
> 2 73.189.broadband3.iol.cz (85.70.189.73) 121.565 ms 23.256 ms
> 16.089 ms
> 3 * * *
> ...
>
> Pinging the IP with the LAN interface selected works, on the
> other hand. Maybe this is a known or unknown issue or I have some
> major configuration error.
>
>
> Best regards,
>
>
> Bernhard
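The behaviour in this thread, as an added example that is not part of the original messages: a simplified model of how a packet originated by the firewall itself picks its source address from the egress interface, and why only a LAN-sourced packet matches the site-to-site IPsec policy. The firewall's WAN and LAN addresses (`203.0.113.10`, `192.168.101.1`) and all function names are assumptions made for the illustration; the subnets and the traced address come from the post.

```python
import ipaddress as ip

# Constructed values: the Remote Site 1 firewall's own addresses are not given
# in the post; 203.0.113.10 (WAN) and 192.168.101.1 (LAN) are placeholders.
INTERFACES = {"wan": ip.ip_address("203.0.113.10"),
              "lan": ip.ip_address("192.168.101.1")}

# Tunnel policy on Remote Site 1: local subnet -> Main Site subnet.
SPD = [(ip.ip_network("192.168.101.0/24"), ip.ip_network("192.168.100.0/24"))]

DEFAULT_ROUTES = [(ip.ip_network("0.0.0.0/0"), "wan")]
# The fix from the post: the remote network routed on the LAN interface.
FIXED_ROUTES = DEFAULT_ROUTES + [(ip.ip_network("192.168.100.0/24"), "lan")]


def egress_interface(routes, dst):
    """Longest-prefix match over the routing table."""
    matches = [(net, ifname) for net, ifname in routes if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def path_for_local_traffic(routes, dst, bind_if=None):
    """Return (source address, 'ipsec' or 'cleartext') for a packet the
    firewall itself originates, such as a RADIUS request."""
    dst = ip.ip_address(dst)
    # An unbound socket takes the egress interface's address as its source.
    ifname = bind_if or egress_interface(routes, dst)
    src = INTERFACES[ifname]
    # The tunnel only protects packets whose source AND destination match.
    protected = any(src in local and dst in remote for local, remote in SPD)
    return str(src), "ipsec" if protected else "cleartext"


if __name__ == "__main__":
    target = "192.168.100.253"  # address traced in the post
    print("before fix:   ", path_for_local_traffic(DEFAULT_ROUTES, target))
    print("ping from LAN:", path_for_local_traffic(DEFAULT_ROUTES, target, "lan"))
    print("after fix:    ", path_for_local_traffic(FIXED_ROUTES, target))
```

Before the route is added, authentication traffic from the firewall leaves unprotected toward the ISP, so the routing table of a tunnel endpoint is worth checking whenever it must reach a service on the far side.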