Chris Buechler wrote:
> On 4/8/06, Gil Freund <gilf at sysnet dot co dot il> wrote:
>> We are having problems with our leased line, and were wondering if we can setup
>> a redundent VPN tunnel tunnel over the adsl lines.
> Yes. you'll have to manually adjust your routing appropriately to
> direct the traffic over the tunnel. (unless you can setup the router
> for the leased line to automatically route to the appropriate
> destination based on the status of leased line. that's beyond the
> scope of this list though)
Thanks for the reply, but I am not sure I understand. The leased line and the
adsl line are on separate routers, so the fail over has to occur on the M0N0.
Should I setup two tunnels?
>> (This is assumeing the netscreen can do it.... If not a two m0n0wall config will
>> be just fine by me)
> Netscreen should be usable as an IPsec endpoint, but it might be
> easier and quicker to get it running with two m0n0walls.
Probably what I will do once the NS service contract runs out.
> This is old documentation, and I know there are some inaccuracies, but
> it should get you up and running. One main thing I'd suggest is to
> use main mode rather than aggressive as it suggests.
This is for one tunnel (which works fine, both with a Netscreen and PfSense). I
am having some difficulty understanding how to set two tunnels between the same
nets, using different routes.