I have set up an IPSec tunnel between M0n0 1.3b3 and Sonicwall PRO 2040:
192.168.0.0/24 -> Sonicwall (xxx.xxx.xxx.xxx) -> Internet <- M0n0 (yyy.yyy.yyy.yyy) <- 192.168.1.0/24
I first terminated the tunnel at both LANs and traffic was going back
and forth without any problem on either side. That was good, but I
needed to limit access to the 1.0/24 subnet to just a few specific hosts
on the 0.0/24 subnet.
Because of a limitation of the Standard version of SonicOS, Sonicwall
support told me that it could be done only if I terminate the tunnel at
the Sonicwall WAN instead of the LAN and then add firewall rules on the
Sonicwall to allow or deny specific traffic.
I did that and now on the M0n0wall side the tunnel is terminated at the
LAN (192.168.1.0/24) while at the Sonicwall side the tunnel is
terminated at the WAN (xxx.xxx.xxx.xxx). After I added the rules on the
Sonicwall to allow only specific hosts to access the 1.0/24 subnet, I'm
able to communicate in that direction.
The problem now is that nobody in the 1.0/24 subnet can reach the 0.0/24
subnet. So basically the traffic is only going in one direction. The
rules on the Sonicwall allow all the traffic from 1.0/24 to go to
0.0/24, but that still doesn't work.
Do I have to add static routes in order for this to work? Any help and
suggestions are appreciated.