IPSEC Sito-to-Site Tunnel - Routing question

From:	"Dirk Schumacher" <Dirk dot Schumacher at cosi dash tronic dot de>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	IPSEC Sito-to-Site Tunnel - Routing question
Date:	Thu, 15 Dec 2005 16:59:33 +0100

Hi everyone,

i have following config:

                                                      192.168.2.0/24   
                                                192.168.1.0/24
 Internet ----- Router (no Monowall!)----------------Router (no
Monowall)----------Internal Net1
                                                                /
                                                               /
                                                            LAN 2.4
                                                       Monowall1
                                                           WAN 100.1
                                                              \
                                                               \       
  Leased Line (pure Ethernet) IPSEC Tunnel 192.168.100.1 <>
192.168.100.2 (Tunnel für Net 192.168.0.0/20)
                                                                \
                                                              WAN
100.2
                                                         Monowall2
                                                             LAN
16.254
                                                                /
                                                               /
                                                        internal Net2 
192.168.16.0/24

I can ping from internal Net2 to hosts on 192.168.1.0/24 and
192.168.2.0/24. But i cant ping to the Internet. this Traffic is routed
from Monowall 2 to Monowall1 and blocked at the WAN Side on Monowall1
(No incomming traffic allowed - only default FW-rule). How can i route
the complete Traffic from internal Net2 trough the IPSEC Tunnel to the
other Networks ?
Thanks all for ideas!

Dirk

@Manuel: Many thanks for your good work!!