[ previous ] [ next ] [ threads ]
 From:  Michael <monowall at encambio dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Problems with IPSec tunnel config
 Date:  Fri, 26 Mar 2010 21:32:51 +0100
Hello again,

An ven., mars 26, 2010, Michael schrieb:
>If I try to ping (Diagnostics menu) from one router with the LAN
>address to the other, I get no
>  <>$ ping
>  No answer (host down)
>Trying the same thing from my mobile IPSec client gives results:
>  <>$ ping
>  64 bytes from icmp_seq=0. time=27.155 ms
For a summary, the two routers running 1.31 both have almost
identical configurations. The eth0 is the WAN, eth1 is a NAT subnet, and eth2 has a public 29 bit subnet. Of course the
subnet numbers differ on the two routers.

I am trying to reach a machine connected to from on the other router, using a IPSec tunnel. Reaching
these machines from devices using 'IPSec mobile client' works well.

The docs say that you can't communicated over IPSec to a natted
subnet on the router, but I'm already doing that with mobile
clients. I have the feeling that I'm understanding something wrong.