|
||||||||||
Chris Buechler wrote: > On 4/8/06, Gil Freund <gilf at sysnet dot co dot il> wrote: >> We are having problems with our leased line, and were wondering if we can setup >> a redundent VPN tunnel tunnel over the adsl lines. > > Yes. you'll have to manually adjust your routing appropriately to > direct the traffic over the tunnel. (unless you can setup the router > for the leased line to automatically route to the appropriate > destination based on the status of leased line. that's beyond the > scope of this list though) Thanks for the reply, but I am not sure I understand. The leased line and the adsl line are on separate routers, so the fail over has to occur on the M0N0. Should I setup two tunnels? > > >> (This is assumeing the netscreen can do it.... If not a two m0n0wall config will >> be just fine by me) >> > > Netscreen should be usable as an IPsec endpoint, but it might be > easier and quicker to get it running with two m0n0walls. Probably what I will do once the NS service contract runs out. > > This is old documentation, and I know there are some inaccuracies, but > it should get you up and running. One main thing I'd suggest is to > use main mode rather than aggressive as it suggests. > http://doc.m0n0.ch/handbook/ipsec-tunnels.html This is for one tunnel (which works fine, both with a Netscreen and PfSense). I am having some difficulty understanding how to set two tunnels between the same nets, using different routes. > > -Chris |