> it doesnt matter what rules i have, ipsec mobile clients alway have full
> access to all networks. am i missing something?
As Chris pointed out: unfortunately it is not possible at the moment
with m0n0wall. (Though the underlying firewall software supports it.)
-make the VPN tunnel only use the desired network (afaik Bintec uses
0.0.0.0/0 as default remote subnet)
-Setup filter on the Bintec clients
-Use a second firewall/m0n0wall behind your VPN box to implement the