 From:  Robert (Sneer) Siemiński <sneer at poczta dot fm>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IPsec over wireless connection
 Date:  Tue, 23 May 2006 23:26:19 +0200

I have a problem with setting up an IPsec tunnel on m0n0wall. Configuration looks like:

LAN1 - m0no1 - wireless bridge (now it is only crossover cable) - mono2 - Internet

LAN1 is
LAN2 is
connection between monowalls is default policy on both
interfaces is drop, and IPsec connection is working between them (how
is it possible? ;) ).

When I ping from LAN1, I can reach: mono1 wireless interface, LAN2
hosts, mono2 wireless interface, but I can't ping mono2 Internet
interface and mono2 wireless interface of course and I can't reach any
Internet hosts. From LAN2 network I can connect with Internet and
with LAN1 hosts. I added static routes on mono1, one on LAN interface for
network with gateway (that is ip of
interface in mono2) and one on LAN interface of mono2 for network with gateway (ip of interface in mono1).
Everything seems to be ok, but I still can't reach Internet hosts from
LAN1 :(, from LAN2 it is not a problem.

When I add allow any policy on wireless interface mono2, I can connect
to Internet, but traffic avoids IPsec connection. Does anyone have any
solution? I only want to have Internet in LAN1, LAN2 and safe
connection over wireless. Is it possible to have LAN1 and LAN2 in the
same network? All hosts on both sites on network?

Routing table for mono2:

Destination        Gateway            Flags    Refs      Use  Netif Expire
default         UGSc        0        0    rl0          UH          0        0    lo0
192.168.5       UGSc        2        0    rl0
192.168.6          link#2             UC          1        0   fxp0        link#2             UHRLW       1     8424   fxp0     10
192.168.15/30      link#1             UC          1        0    rl0       00:50:ba:xx:xx:xx  UHLW        5      487    rl0    673

and for mono1:

Destination        Gateway            Flags    Refs      Use  Netif Expire
default            83.18.xxx.xxx      UGSc        4    24784   fxp0
83.18.xxx.xxx/29   link#3             UC          1        0   fxp0
83.18.xxx.xxx      00:0b:23:xx:xx:xx  UHLW        5        0   fxp0   1174          UH          0        0    lo0
192.168.5          link#2             UC          1        0    rl1       00:0c:6e:xx:xx:xx  UHLW        2    20015    rl1    827      UH          2      749    ng1           it is because of PPTP
from Internet.      00:50:ba:xx:xx:xx  UHLS2       0        0    rl1      lo0                UHS         0        0    lo0
192.168.6       UGSc        0     8848    rl0
192.168.15/30      link#1             UC          1        0    rl0       00:50:ba:xx:xx:xx  UHLW        2     8889    rl0    630

Best regards,
