[ previous ] [ next ] [ threads ]
 
 From:  Bjoern Euler <lists at edain dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] VPN IPSec Markus =?ISO-8859-1?Q?M=FCller_Tool?=
 Date:  Fri, 22 Sep 2006 21:10:24 +0200 
On 22.09.2006 17:02 Michael Schäfer wrote:
> Now I have problems with filling the ipsec.conf with the correct parameters
> for a tunnel dmz -> 0.0.0.0/0.0.0.0.
> I like to tunnel the wlan clients to any address not only to the lan-subnet.

 From <http://vpn.ebootis.de/ipsec-conf.htm> I would say that it should 
look like that:

conn DMZ-WLAN
       left=%any
       right=<m0n0-dmz-ip>
       rightsubnet=<dmz subnet>
       presharedkey=your_secret
       network=ras
       auto=start
       pfs=yes

On the m0n0wall side the "local subnet" should be 0.0.0.0/0 and the 
remote subnet the <dmz subnet>.

> After running IPSec I get connection for a few seconds. And this is it then.
What does the log on the m0n0wall side tell? There must be entries from 
racoon trying to establish the connection.

Regards
-Bjoern