[ previous ] [ next ] [ threads ]
 From:  "Chris Martin" <chris at analox dot net>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Syslogging across VPN
 Date:  Fri, 18 Nov 2005 08:25:39 -0000
Thanks Holger,

I've added a static route on the remote box using the LAN interface and its LAN IP as the gateway,
and its working - the M0n0 is now logging to our local syslog. I'm going to keep an eye on it to see
if it causes any issues, but at this early stage all seems fine


-----Original Message-----
From: Holger Bauer [mailto:Holger dot Bauer at citec dash ag dot de] 
Sent: 18 November 2005 07:18
To: Bjoern Euler (lists at edain); m0n0wall at lists dot m0n0 dot ch
Subject: AW: [m0n0wall] Syslogging across VPN[Scanned]

Not nice but should work: set a route to the remote vpn-subnet with gateway your local lan
interface. this way you even can establish the tunnel by pinging the remote subnet from the m0n0
itself. But beware not to run in problems caused by this. I haven't found issues with this
configuration but haven't tested this very excessivly.
Holger Bauer

	-----Ursprüngliche Nachricht----- 
	Von: Bjoern Euler (lists at edain) [mailto:lists at edain dot de] 
	Gesendet: Do 17.11.2005 20:20 
	An: m0n0wall at lists dot m0n0 dot ch 
	Betreff: Re: [m0n0wall] Syslogging across VPN

	Chris Martin wrote:
	> Hi All,
	> I have a slight problem. I have a VPN with M0n0walls at either end - it
	> works fine. PCs etc can communicate across it both ways without any
	> problems. What I have noticed though is that neither Monowall can ping a
	> host on the other side (although hosts can ping them). The main problem,
	> and the reason for this post, is that I've just installed a syslog
	> server on the LAN at one end. The local m0n0wall is logging to it fine,
	> but I am not getting anything from the remote one. Any ideas/
	> suggestions greatly appreciated.
	> Thanks
	> Chris Martin
	just a shot in the dark:
	m0n0wall is sending the syslog packets from its WAN IP address. It knows
	the network of your syslog server by its default route and so the
	packets never match your IPSec tunnel configuration.
	To verify you could add a filter rule for syslog on the wan interface
	with logging enabled.
	To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
	For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Virus checked by G DATA AntiVirusKit

This email message is intended only for the addressee(s) 
and contains information that may be confidential and/or 
copyright.  If you are not the intended recipient please 
notify the sender by reply email and immediately delete 
this email. Use, disclosure or reproduction of this email 
by anyone other than the intended recipient(s) is strictly