[ previous ] [ next ] [ threads ]
 
 From:  Michael <monowall at encambio dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Problems with IPSec tunnel config
 Date:  Fri, 26 Mar 2010 21:32:51 +0100 
Hello again,

An ven., mars 26, 2010, Michael schrieb:
>If I try to ping (Diagnostics menu) from one router with the LAN
>address 192.168.10.0/24 to the other 192.168.13.0/24, I get no
>answer:
>
>  <192.168.10.10>$ ping 192.168.13.8
>  No answer (host down)
>
>Trying the same thing from my mobile IPSec client gives results:
>
>  <192.168.11.12>$ ping 192.168.13.8
>  64 bytes from 192.168.13.8: icmp_seq=0. time=27.155 ms
>
For a summary, the two routers running 1.31 both have almost
identical configurations. The eth0 is the WAN, eth1 is a NAT subnet
192.168.10.0/24, and eth2 has a public 29 bit subnet. Of course the
subnet numbers differ on the two routers.

I am trying to reach a machine connected to 192.168.10.0/24 from
192.168.13.0/24 on the other router, using a IPSec tunnel. Reaching
these machines from devices using 'IPSec mobile client' works well.

The docs say that you can't communicated over IPSec to a natted
subnet on the router, but I'm already doing that with mobile
clients. I have the feeling that I'm understanding something wrong.

Regards,
Michael