 
 From:  "Holger Bauer" <Holger dot Bauer at citec dash ag dot de>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] M0n0wall to M0n0wall VPN Routing?
 Date:  Wed, 28 Jun 2006 14:00:36 +0200
Yep, there was some misunderstanding. After the tunnel has been established clients will be able to
communicate with each other if they use the m0n0 as default gateway. No need to add routes at the
m0n0 and routes won't work via IPSEC anyway. m0n0 can't firewall IPSEC-Traffic, so there is no need
to set up rules for the Tunnel itself, however both ends should have Rules at LAN allowing the
traffic to the remote subnet incoming at this interface.

What I was understanding is that you had 2 subnets at one end (like LAN and OPT1) and in that case
you would have needed parallel tunnels unless you can sum up the network masks somehow.

Holger

> -----Original Message-----
> From: Mark Gilbert [mailto:mgilbert at marinhd dot com]
> Sent: Wednesday, June 28, 2006 6:15 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: RE: [m0n0wall] M0n0wall to M0n0wall VPN Routing?
> 
> 
> I'm sorry but maybe I don't understand.  I looked at the FAQ and I think
> I understand.  Parallel Tunnels?  Maybe I did not explain what I want
> correctly.  I did read where you can create a vpn tunnel between two
> M0n0walls. I just want to be sure that hosts from behind each M0n0wall
> can access resources on each other's networks.
> 
> IE
> 
> Network 1
> 10.0.0.0
> 255.255.255.0
> 10.0.0.1 M0n0wall
> 
> Network 2
> 10.10.0.0
> 255.255.255.0
> 10.10.0.1 M0n0wall
> 
> Do you mean I need to create a separate tunnel for each network?
> 
> I want to know if by creating a point to point vpn tunnel that Network 1
> can access resources on Network 2.  And if this is done automatically
> by creating the VPN tunnels between the M0n0walls.
> 
> -----Original Message-----
> From: Holger Bauer [mailto:Holger dot Bauer at citec dash ag dot de] 
> Sent: Tuesday, June 27, 2006 6:12 PM
> To: m0n0wall at lists dot m0n0 dot ch; Mark Gilbert
> Subject: RE: [m0n0wall] M0n0wall to M0n0wall VPN Routing?
> 
> You need parallel tunnels. Routing through an IPSEC tunnel doesn't work
> as the traffic doesn't match the tunnel definition. This has been asked
> numerous times before even with explicit examples. Please search the
> mailing list. This has become a FAQ somehow and maybe should be addressed
> a bit more in detail in the documentation.
> 
> Holger
> 
> > -----Original Message-----
> > From: Mark Gilbert [mailto:mgilbert at marinhd dot com]
> > Sent: Wednesday, June 28, 2006 3:10 AM
> > To: m0n0wall at lists dot m0n0 dot ch
> > Subject: [m0n0wall] M0n0wall to M0n0wall VPN Routing?
> > 
> > 
> > Does the M0n0wall automatically handle routing between the 2 
> > different networks once the M0n0wall to M0n0wall VPN is 
> > created?  What needs to be done to ensure data can route 
> > between the 2 units?
> >  
> > Thanks
> > 
> 

____________
Virus checked by G DATA AntiVirusKit
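
The matching rule discussed in this thread, as an added example that is not part of the original messages or of m0n0wall's code: a tunnel is modelled as a (local subnet, remote subnet) pair, and traffic is carried only when both addresses fall inside that pair. The function names, the 192.168.5.9 host and the LAN/OPT1 addresses are assumptions made for illustration; only the two /24 site networks come from the thread.

```python
import ipaddress as ip

def matches(tunnel, src, dst):
    """A packet is carried by the tunnel only if its source lies in the
    tunnel's local subnet and its destination in the remote subnet."""
    local, remote = tunnel
    return ip.ip_address(src) in local and ip.ip_address(dst) in remote

def tunnels_needed(local_subnets, remote_subnet):
    """Return one tunnel definition per local network, after merging
    networks that sum up to an exact supernet. collapse_addresses never
    widens a definition to cover address space that was not listed."""
    merged = ip.collapse_addresses(local_subnets)
    return [(net, remote_subnet) for net in merged]

# The two sites from the thread, seen from the Network 1 side.
SITE1 = ip.ip_network("10.0.0.0/24")
SITE2 = ip.ip_network("10.10.0.0/24")
TUNNEL = (SITE1, SITE2)

# Constructed LAN/OPT1 pairs at one end (hypothetical addressing).
ADJACENT = [ip.ip_network("10.0.0.0/24"), ip.ip_network("10.0.1.0/24")]
SCATTERED = [ip.ip_network("10.0.0.0/24"), ip.ip_network("10.0.5.0/24")]

if __name__ == "__main__":
    # Host on Network 1 talking to Network 2: inside the definition.
    print(matches(TUNNEL, "10.0.0.25", "10.10.0.7"))
    # Host from another network routed via the firewall: the source is
    # outside the local subnet, so a static route cannot push it through.
    print(matches(TUNNEL, "192.168.5.9", "10.10.0.7"))
    # Adjacent subnets sum up to one /23, so one tunnel is enough.
    print(tunnels_needed(ADJACENT, SITE2))
    # Non-adjacent subnets cannot be summed up: parallel tunnels.
    print(tunnels_needed(SCATTERED, SITE2))
```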