Le Mardi 6 Décembre 2005 14:17, Adam Armstrong a écrit :
> > From: "JT" <j dot tarot at tecsas dot fr>
> > > I've no control on cisco (1700) routeurs which are managed by
> > > the ISP.
> > This could be a problem. You will need the cooperation of the
> > ISP.
> > > ATM, I've made the base setup so, from the m0n0wall interface,
> > > I can ping the ciscos. But no chance from the LANs.
> > > I've tried to add a rule that allow all trafic from "SDSL nets"
> > > on opt1 interfaces to any... still unsuccessful.
> > You need static routes to the Cisco routers for the other LAN.
> > However, the
> > Cisco routers also need those static routes. It sounds like the
> > Cisco routers don't know about any of the 192.X.X.X addresses, so
> > the packets stop
> > there. Try a traceroute, and I bet you fail at the Cisco.
> Does your ISP allow you to inject routes into their CPE router via
> a routing protocol?
Don't know... will ask tomorrow.
> The standard way for an ISP to propagate customer routes across an
> MPLS VPN is by using OSPF/RIP and then propagating them across it's
> network using MP-BGP. Unfortunately m0n0wall, afaik, can't do any
> dynamic routing, but if the ISP allows it, you might be able to
> find a cheap router to stick between the CPE and m0n0wall or use
> pfSense+zebra or something.
hmm, these are not_so_good news :'(
> Is this just a simple point to point link? Or are there multiple
> sites connected via it?
Simple point to point link.