 From:  "Wagenborg Kazakhstan - Alex Hofstetter" <alex dot hofstetter at wagenborg dot com>
 To:  "MonoWall Mailing List" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  [m0n0wall] Ipsec Tunnel over Inet on OPT1
 Date:  Mon, 29 May 2006 06:23:44 +0200
Good day list,

I have been using m0n0wall on Soekris hardware 4801 for some time now and am very 
pleased with the performance so far. 
However, I have now stumbled over a problem. On one of our sites I have 2 different 
ISP connections; 1 is connected to the WAN port and is used for internet access 
and VPN tunnels to the other sites. Now I want to connect the 2nd ISP to the 
OPT1 port and use this to set up a tunnel to another Soekris box (WAN port), so 
no load sharing or other stuff, just 1 more IPsec tunnel over the Inet. 
Since the tunnel I want to move is now connected on the WAN port, I changed the 
port (WAN-OPT1) in the tunnel setup and the IP gateway address on the other. But 
so far this has not worked because, according to the log page, ESP traffic is 
blocked on OPT1 even though I put a rule on this port to allow all ESP traffic:

OPT1
Allow  ESP  *  *  *  *
Block  *    *  *  *  *

What am I missing? Any ideas?

Regards,
Alex.