 From:  "Chris Buechler" <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] problem access dmz from tunnel vpn
 Date:  Sat, 25 Mar 2006 15:29:21 -0500
On 3/25/06, Luigi Abretti <luigi at itsosgadda dot it> wrote:
> Help me:
>
> Firewall A
>
> Mode: Tunnel
> Interface: ?
> Local Subnet:   Type:?   Address: ?
> Remote Subnet: ?
> Remote Gateway: ?
>

Set up all that stuff exactly the same as the connection you have
working now, except change the local and remote subnet appropriately.

Firewall A
local subnet: 192.168.10.0/24
remote subnet:  192.168.5.0/24

Firewall B
local subnet:  192.168.5.0/24
remote subnet:  192.168.10.0/24

You can make this a lot cleaner by setting the DMZ subnet on firewall
A to something within 10.0.0.0/8.  I'm sure you don't need a whole /8
network on the LAN of that machine, though changing the LAN subnet
could end up being a significant amount of work.  You could make the
LAN 10.0.0.0/24 and the DMZ 10.10.0.0/24, or something like that, and
the single 10.0.0.0/8 VPN tunnel will work.

-Chris
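
Added example, not part of the original message: a small Python check that the two tunnel definitions above mirror each other, and that shows which internal networks on firewall A still need their own tunnel before and after the suggested renumbering. The dictionary layout and function names are hypothetical, and the existing tunnel's local subnet of 10.0.0.0/8 on firewall A is an assumption drawn from the last paragraph.

```python
import ipaddress

def is_mirrored(side_a, side_b):
    """Each side's local subnet must be the other side's remote subnet."""
    net = ipaddress.ip_network
    return (net(side_a["local"]) == net(side_b["remote"])
            and net(side_a["remote"]) == net(side_b["local"]))

def uncovered(internal_nets, tunnels):
    """Names of internal networks that no tunnel's local subnet contains."""
    tunnel_locals = [ipaddress.ip_network(t["local"]) for t in tunnels]
    missing = []
    for name, cidr in internal_nets.items():
        network = ipaddress.ip_network(cidr)
        if not any(network.subnet_of(t) for t in tunnel_locals):
            missing.append(name)
    return missing

# Assumed: the tunnel that already works, as defined on firewall A.
EXISTING_A = {"local": "10.0.0.0/8", "remote": "192.168.5.0/24"}

# The second tunnel from the message, as defined on each firewall.
DMZ_A = {"local": "192.168.10.0/24", "remote": "192.168.5.0/24"}
DMZ_B = {"local": "192.168.5.0/24", "remote": "192.168.10.0/24"}

# Firewall A's networks today (LAN as a /8 is assumed) and after renumbering.
CURRENT = {"LAN": "10.0.0.0/8", "DMZ": "192.168.10.0/24"}
RENUMBERED = {"LAN": "10.0.0.0/24", "DMZ": "10.10.0.0/24"}

if __name__ == "__main__":
    print("DMZ tunnel mirrored:", is_mirrored(DMZ_A, DMZ_B))
    print("today, one tunnel:  ", uncovered(CURRENT, [EXISTING_A]))
    print("today, two tunnels: ", uncovered(CURRENT, [EXISTING_A, DMZ_A]))
    print("renumbered, one:    ", uncovered(RENUMBERED, [EXISTING_A]))
```
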