 From:  "Tim Cary" <tdc at yesinc dot com>
 To:  <daszylstra at comcast dot net>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] IPSEC Clients Communicate with Each Other?
 Date:  Sun, 08 Jan 2006 22:08:32 -0500
>I have a similar situation . . . . . but not with "Mobile Clients" . . . .
>I wrote the below setup before I realized your config does not locally
>define what IPs are sent over the connection . . . . . you may be able to
>set up the remotes with 2 mobile tunnels each to the corporate LAN . . .

Since my remotes are on dynamic IPs, they HAVE to make the connection
FROM them TO Corporate.

>Do all 3 locations have Monowalls?

Yes

>you have to add IPSEC tunnels to each remote using the other remote's
>subnet:
>Remote1 IPSEC on the corporate Monowall has 2 tunnels:
>    172.16.x.x(corporate)<->172.18.x.x(remote)
>    172.19.x.x(corporate)<->172.18.x.x(remote)
>Remote2 IPSEC on the corporate Monowall has 2 tunnels:
>    172.16.x.x(corporate)<->172.19.x.x(remote)
>    172.18.x.x(corporate)<->172.19.x.x(remote)

This makes sense, and I have it set up this way now, but still can't get
remote to remote communications.  Perhaps this is since it is "Mobile
IPSEC".  Anyone have more input?
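
Added example, not part of the original message and not m0n0wall code: a small model that traces a remote-to-remote packet through the tunnel definitions quoted above, comparing remotes that have one tunnel to the corporate LAN with remotes that have a second tunnel for the other remote's subnet. Assumptions: the /16 prefixes are constructed stand-ins for the masked 172.x.x.x subnets, both ends match selectors strictly, and firewall rules and any mobile-client behaviour are ignored.

```python
from ipaddress import ip_address, ip_network

# Constructed /16 prefixes standing in for the masked 172.x.x.x subnets.
C, R1, R2 = (ip_network(n) for n in ("172.16.0.0/16", "172.18.0.0/16", "172.19.0.0/16"))
NETS = {"corp": C, "remote1": R1, "remote2": R2}

# Each entry is one tunnel definition: (local subnet, remote subnet, peer).
# Corporate side exactly as listed in the quoted reply.
CORP = [(C, R1, "remote1"), (R2, R1, "remote1"),
        (C, R2, "remote2"), (R1, R2, "remote2")]
# Remotes with only their tunnel to the corporate LAN.
SINGLE = {"corp": CORP, "remote1": [(R1, C, "corp")], "remote2": [(R2, C, "corp")]}
# Remotes with a second tunnel whose remote subnet is the other remote.
DUAL = {"corp": CORP,
        "remote1": [(R1, C, "corp"), (R1, R2, "corp")],
        "remote2": [(R2, C, "corp"), (R2, R1, "corp")]}

def owner(addr):
    """Name of the site whose LAN contains addr, or None."""
    return next((n for n, net in NETS.items() if addr in net), None)

def next_hop(tunnels, src, dst):
    """Peer of the first tunnel whose selectors cover src -> dst outbound."""
    return next((p for l, r, p in tunnels if src in l and dst in r), None)

def accepts(tunnels, src, dst, from_peer):
    """Inbound: the decrypted packet must match a tunnel to that peer."""
    return any(dst in l and src in r and p == from_peer for l, r, p in tunnels)

def trace(sites, src, dst):
    """Follow src -> dst hop by hop; return (delivered, path or reason)."""
    src, dst = ip_address(src), ip_address(dst)
    here = owner(src)
    path = [here]
    while owner(dst) != here:
        peer = next_hop(sites[here], src, dst)
        if peer is None:
            return False, f"{here}: no tunnel selects {src} -> {dst}"
        if not accepts(sites[peer], src, dst, here):
            return False, f"{peer}: no tunnel from {here} accepts {src} -> {dst}"
        here = peer
        path.append(here)
        if len(path) > len(sites):
            return False, "routing loop"
    return True, path

if __name__ == "__main__":
    for name, sites in (("single", SINGLE), ("dual", DUAL)):
        print(name, trace(sites, "172.18.0.10", "172.19.0.10"))
```

In this model the corporate-side tunnels alone are not enough: the trace only completes when each remote also has a tunnel whose remote subnet is the other remote's LAN.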