 From:  "Kristian Shaw" <monowall at wealdclose dot co dot uk>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] M0n0wall to M0n0wall Ipsec tunnel does not connect
 Date:  Tue, 17 Oct 2006 22:11:01 +0100
Hello,

It is not necessary to open the firewall manually for IKE and ESP/AH. 
m0n0wall will do this automatically when you enable IPSEC.

All you have to create are the outbound rules to allow traffic from each LAN 
(IPSEC traffic is implicitly accepted once decrypted).

If you are connecting Windows machines together I would also suggest 
enabling the option for fragmented packets on both the firewall rules for 
outbound traffic, and the setting for allow fragmented packets via IPSEC in 
the system configuration menus.

Kris.

----- Original Message ----- 
From: "Cecil Strange" <cecil underscore strange at msn dot com>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, October 17, 2006 8:55 PM
Subject: RE: [m0n0wall] M0n0wall to M0n0wall Ipsec tunnel does not connect


My tunnel is up.  The two SAD listings look correct and I
can ping the private addresses on the remote LAN.

The tunnel links two Windows domains.  M0n0wall version on
both endpoints is 1.22.

I would like to browse the remote LAN with Windows Explorer.
I used to do this with a VPN running on Netgear appliances.
Do I have to open the firewall, other than for ESP, to do
this?  I did search the archives but found no relevant
discussions.



