Marty Nelson wrote:
> Thanks Lee.
> So there's nothing to be done with routing where we can send all traffic destined for the
192.168.75 network through the tunnel?
> As far as setting up server based NAT's, can you explain further?
Wait a sec... I think I got lost. You are on 192.168.3.0/24 and they
are on 192.168.75/24, but to get to them you need to "appear" to be
10.100.2.0/24? OK, this is doable, but you will need more boxes. NAT
goes out the WAN. So you need a additional m0n0wall box. WAN will be
in your DMZ (10.100.2.10) and LAN will be in your LAN (192.168.3.10) and
this box will VPN to them. It will NOT have DHCP enabled. You will put
a static route in your m0n0wall box with 192.168.75.0/24 gateway at
192.168.3.10 (Your other box) and it will work. Messy, but the only way
to get this hack to work that I can think of.