Re: [m0n0wall] Redirect all traffic

From:	JR <tiresias at gmail dot com>
To:	"=?UTF-8?Q?S=C3=A9bastien_Allard?=" <sallard at sintra dot ca>, m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Redirect all traffic
Date:	Wed, 13 Feb 2008 00:06:58 -0500

On Feb 11, 2008 9:18 AM, SÃ©bastien Allard <sallard at sintra dot ca> wrote:
> Site 1 :   192.168.10.1/255.255.255.0
> Site 2 :   192.168.15.1/255.255.255.0
> So I want all the traffic of the site 1 pass thru the gateway of the Site 2.

As everyone said, m0n0wall doesn't really support using an IPSEC
tunnel as a default route.

However, this is still possible, in a way. With m0n0wall you cannot
use static routes to direct traffic over a tunnel, you can only add
more tunnels to route multiple subnets to a remote site. Therefore you
simply add enough tunnels to cover the entire IPv4 address space (it
took 9 tunnels when I did it-- don't overlap local subnets), which
will effectively route all traffic across the tunnels to the remote
site.

This is a very ugly hack, yet I had it working for several years
before I replaced the m0n0walls with Linux routers running OpenVPN. It
will be nice once OpenVPN returns to m0n0wall.

JR