[ previous ] [ next ] [ threads ]
 
 From:  "Kristian Shaw" <monowall at wealdclose dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>>
 Subject:  Re: [m0n0wall] Silly question - Routing across VPN
 Date:  Wed, 11 Oct 2006 13:35:37 +0100 
Hello,

It may be worth looking through the list archive as this has come up a few 
times before.

However, in summary... You can't route with IPSEC VPNs so have you have 
choices:

1) Create two IPSEC tunnels (use exactly the same encryption settings, but 
just change the subnets involved)
2) Create a single IPSEC tunnel that encompasses all the address you wish to 
VPN to.

In your example, you could create a tunnel with 192.168.0.0 / 255.255.0.0 as 
the subnet. However, this would break if your home connection was also using 
addresses in the 192.168.x. range. Addresses must be unique at each end of 
the tunnel.

Regards,

Kris.

----- Original Message ----- 
From: "C. Andrew Zook" <andrewzook at pdqlocks dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Wednesday, October 11, 2006 1:05 PM
Subject: [m0n0wall] Silly question - Routing across VPN


> Hi all!
>
> I am attempting something that is new to me. I have a new m0n0
> installation at a remote warehouse for my company. I have a wireless
> access point attached to OPT1 (192.168.10.0/24), and I have a VPN set up
> to connect to the LAN (192.168.100.0/24).
>
> I have a working VPN from my current location to the remote LAN network.
> I cannot however seem to figure out how to route my requests to the OPT1
> network at the remote location. I believe that I have all of my firewall
> rules set up correctly since I can gain access to the OPT1 network when
> I PPTP in to the LAN of the remote location.
>
> I have tried to add a static route to my home location m0n0. I used the
> network definition of 192.168.10.0/24 with a gateway of 192.168.100.254
> (IP of the m0n0 on the remote LAN).
>
> Am I going about this the correct way? Any tips or suggestions?
>
> Thanks in advance,
> Andy
>
>


--------------------------------------------------------------------------------


> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch