 From:  Krzysztof Czajka <krzysztof dot czajka at telmor dot com dot pl>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Routing problem and ipsec
 Date:  Thu, 10 Aug 2006 14:26:56 +0200
Hi, I have a question about routing config...
My question is: is it possible to set up routing between the DMZ and a remote
location connected via VPN?


   - WAN (some_ip_1)
   - LAN IP (
   - DMZ IP (
   - ipsec tunnel between M0n0wall_1 LAN and M0n0wall_2 LAN

   - WAN (some_ip_2)
   - LAN (
   - ipsec tunnel between M0n0wall_1 LAN and M0n0wall_2 LAN

The IPSEC tunnel between the LANs has to stay.

I want to ping a host in the DMZ directly from the LAN.

1.) I tried to set up static routing on M0n0wall_2 dest. network:; interface IMHO should be ipsec0 - I can't set it up (I
can choose only PPTP,WAN,LAN); default gateway:
It was wrong, the routing table was corrupt after deleting this route, so I
should restart M0n0wall.

2.) I tried to set up a second ipsec tunnel but it goes wrong - I think that
m0n0walls cannot identify two tunnels with the same destination WAN IP.
Adding an ipsec tunnel between M0n0wall_1 DMZ and M0n0wall_2 LAN

Do you have any idea how to solve that problem?

Or should I forward the host's ports from the DMZ to the WAN IP on M0n0wall_1?
I want to avoid this solution because some service on the DMZ host (embedded
solution) is allowed to connect with only two IP addresses in the remote LAN.

Krzysztof Czajka