Thanks much for letting me know it works... I connected it up again and
checked, the fragments were already allowed on the default LAN -> any
I poked around a little more and tried unchecking the box on the WAN
interface page that blocks private network traffic, that did the trick.
I really love the firewall and want to install it at a customer site,
but they use VPN connections now and I really need to get a little
information on how to set up a simple IKE exchange, pre-shared key,
3des, vpn with SafeNet client. Could you give me a little hint?
They need to set up a real DMZ with a web server accessing a secure
database at the back end. From what I have seen, the m0n0wall will do
the trick nicely.
Thanks for the great little firewall, BTW I saw it on TechTV and jumped
in, I wanted to play too! ;-)
eileen at kelltech dot biz
From: Manuel Kasper [mailto:mk at neon1 dot net]
Sent: Thursday, January 08, 2004 12:26 AM
To: Eileen Kelleher
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] m0n0wall does not pass IPSEC traffic?
Eileen Kelleher said:
> I have encountered a serious problem, at least for me. The firewall
> does not seem to be able to pass any IPSEC traffic from the LAN
> to the WAN connection. Does anyone have a clue what I could do to
> enable this?
> I lowered the MTU to ensure encapsulation wouldn't be the problem,
> fixed it for a NetScreen firewall when I encountered the same symptoms
> I am using a safenet client on a windows XP system to connect out to a
> remote netscreen endpoint. It gets a connection but cannot pass any
I have a SafeNet SoftRemote client running on a Win XP notebook behind
m0n0wall at home, too. It connects to a ZyWALL and works flawlessly. You
may have to allow fragments in your default LAN -> any rule, though.