[ previous ] [ next ] [ threads ]
 
 From:  Bill Cavalieri <bill at lumensoftware dot com>
 To:  Kristian Shaw <monowall at wealdclose dot co dot uk>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] IPSec Static Routes
 Date:  Fri, 7 Sep 2007 11:50:26 -0500 (CDT)
I'm wanting certain public ip address that would normally go out m0n0wall a's gateway, to go thru
the ipsec tunnel, and out m0n0wall b's gateway.

Thanks,

-Bill

----- "Kristian Shaw" <monowall at wealdclose dot co dot uk> wrote:
> Hello,
> 
> If you understand you correctly, this is how IPSEC tunnels work
> anyway.
> 
> Just create the tunnel between the two m0n0wall firewalls using the
> the LAN 
> IP range of the 'a' firewall users and the IP range of the servers
> beghind 
> the 'b' firewall.
> 
> Traffic between these hosts will be encypted, everything else will be
> 
> un-encypted. No static routes are required (on the m0n0walls).
> 
> Kris.
> 
> ----- Original Message ----- 
> From: "Bill Cavalieri" <bill at lumensoftware dot com>
> To: <m0n0wall at lists dot m0n0 dot ch>
> Sent: Friday, September 07, 2007 4:34 PM
> Subject: [m0n0wall] IPSec Static Routes
> 
> 
> >I have two m0n0walls, with a IPSec tunnel.
> >
> > Is it possible to use static routes on one of the firewalls, to
> route its 
> > traffic trough the other firewall, for  certain destination ips?
> >
> >
> >  Internet             Internet
> >     ^                    ^
> >     |       ipsec        |
> > m0n0wall a --------> m0n0wall b
> >
> >
> > I would like users on the m0n0wall a network, to go out the m0n0wall
> b 
> > network, when accessing customers servers.  But still able to use
> their 
> > normal gateway for all other traffic.
> >
> > Thanks, for any help.
> >
> > -Bill
> >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> > 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch


-- 
---
Bill Cavalieri
Director Integration Services
Lumen Software
P:816.880.0066 x118
F:816.880.0440

Lumen Software IS Web Services. Providing solutions for today and
tomorrow, regardless of the Platform... Microsoft, Linux, Mac, or Unix.

At Lumen Software, We Bring The Web to Life... Fast, Easy and Affordable