 From:  Christoph Hanle <christoph dot hanle at leinpfad dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Simulating a WAN for testing 2 m0n0s - with log file
 Date:  Mon, 07 Aug 2006 18:27:21 +0200
Hi Jai,
I am also simulating connections in a test lab, but I do it in another way:
I use e.g. a freesco with 3 NICs or 3 Cisco 2500s to simulate the real
gateways and the "Internet" (0.0.0.0). My test PC has a minimum of two NICs, and
I am running a small Linux twice on virtual machines. With this
configuration I can test connections etc. between two nets or
firewalls really well.
I recommend using at least an old PC with freesco and three NICs.


bye
Christoph

Jai Ketteridge wrote:
> Hi
> 
> I'm currently trying to experiment on 2 new monowall boxes that I built. I
> figured it would be easier for me to network them locally to config before
> actual deployment. My main aim is to also test a few things like DHCP
> relaying across IPsec VPN.
> 
> What I have currently is 2 machines with 3 NICs each (LAN, WAN & WLAN) and
> each machine has a crossover cable to my laptop (one at a time depending on
> which one I'm configuring). To simulate a WAN I have attempted to give the WAN
> NIC a static IP of 66.66.66.xx on each and created a VPN connection. For the
> meantime I have set the WAN NIC to have no port restrictions to the LAN
> interface. But the IPsec VPN doesn't come up after specifying the other
> machine's static IP as the gateway in the connection properties. I don't
> think this is wrong?
> 
> So what I tried next was setting the WAN ports to DHCP and the two new monos
> both got an IP from my DHCP server. The DHCP server gives out a different IP
> range to that of both mono's LAN subnets. I can ping both machines from one
> another from the WAN interface and my newly edited IPsec VPN connection
> doesn't come up. I am attempting to use Blowfish and SHA1 with a simple
> shared key and have used the same settings as one I used successfully
> before.
> 
> I have set both machines to identical VPN connection settings, except the
> obvious IPs and Gateways.
> 
> Is there something I'm missing? Or do I really need to have each machine
> hanging off the end of a DSL connection?
> 
> I feel as though I may not have some routing in place somewhere but since
> each machine can see the other on the WAN connection I think it should
> work - but it ain't!
> 
> This is what my system log says after a fresh reboot.
> 
> [..]