Hi

Im currently trying to experiment on 2 new monowall boxes that I built. I
figured it would be easier for me to network them locally to config before
actual deployment. My main aim is to also test a few things like DHCP
relaying across IPsec VPN.

What I have currently is 2 machines with 3 NICs each (LAN, WAN & WLAN) and
each machine has a cross over cable to my laptop (one at a time depending on
which one Im configuring). The two WAN NICs connect via a crossover cable if
the WAN interface is set to a static address. To simulate a WAN I have
attempted give the WAN NIC a static IP of 66.66.66.xx on each and created a
VPN connection. For the meantime I have set the WAN NIC to have no port
restrictions to the LAN interface. But the IPsec VPN doesnt come up after
specifying the other machines' static IP as the gateway in the connection
properties. I dont think this is wrong?

So what I tried next was setting the WAN ports to DHCP and the two new monos
got an IP from my DHCP server after disconnecting the cross cable and
plugging the monos and the DHCP server onto the same switch. The DHCP server
gives out a different IP range to that of both mono's LAN subnets. I can
ping both machines from one another from the WAN interface and my newly
edited IPsec VPN connection doesnt come up. I am attempting to use Blowfish
and SHA1 with a simple shared key and have used the same settings as one I
used successfully before.

I have set both machines to identical VPN connection settings, except the
obvious IPs and Gateways.

Is there something im missing? Or do I really need to have each machine
hanging off the end of a DSL connection?

I feel as though I may not have some routing in place somewhere but since
each machine can see the other on the WAN connection I think it should
work - but it aint!

This is what my system log says after a fresh reboot.