[ previous ] [ next ] [ threads ]
 
 From:  adsf fa <finalrundenjungs at yahoo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Question: IPsec local subnet netmask option
 Date:  Sun, 22 Feb 2004 05:01:01 -0800 (PST)
Hi

In the IPsec config, for the local subnet netmask, I
can choose any value between 1 and 31. What is the
reason for 0 (and 32, although that is covered by
'Single Host') not being included?
To get my IPsec protected WLAN (at OPT1) working, I
had to change vpn.inc to override the local subnet
mask so it is always '0'. This will give me an SPD and
an sainfo part of racoon.conf like this:

0.0.0.0/0[any] 192.168.0.10[any] any out ipsec
sainfo address 0.0.0.0/0 any address 192.168.0.10/32
any { ... }

Without the hack, I get 0.0.0.0/1 at best, which will
not work as a "default route".

What am I missing?

__________________________________
Do you Yahoo!?
Yahoo! Mail SpamGuard - Read only the mail you want.
http://antispam.yahoo.com/tools