[ previous ] [ next ] [ threads ]
 
 From:  Mark Schoonover <schoon at amgt dot com>
 To:  "M0n0wall (E-mail)" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  IPSEC VPN Endpoints Must Be Identical??
 Date:  Tue, 16 Jan 2007 16:48:32 -0800
Thanks for reading!

	I need to route two different subnets to a central colo site, where
the router there will route to the distant network. It's my understanding
that I can use CIDR to accomplish this. Here's what I need to do:


[Site1] ---------- [colo] ---------- [Site2]
192.168.1.0        192.168.200.0     192.168.2.0

I need Site1 to route 192.168.200.0 and 192.168.2.0 across the same VPN
connection to 192.168.200.0. I'm pretty sure I can setup 192.168.0.0/16 on
the M0n0 box at Site1, but I only want 192.168.1.0/24 on the M0n0 system
running at the colo. Would it be better to setup two VPN endpoints on the
Site1 M0n0 box?? I do have other 192.168.3.0, 192.168.4.0, that go to other
VPN connections. I'm thinking two seperate VPN connections at Site1->colo
are needed in my case - now that I've spent a few more minutes describing
what I need to happen.

This is just an idea I thought of, and I can't test it out until this
weekend. So, I'm wondering if I'm on the right track. I'm now thinking two
VPN connections to the colo from Site1 would be best... Comments most
welcome.

Thanks!

Mark Schoonover 
IS Manager 
American Geotechnical - California, Nevada and Arizona 
V-> 858.450.4040 F-> 714.685.3909 C-> 858.472.3816