[ previous ] [ next ] [ threads ]
 
 From:  Fred Weston <fred dot weston at daytonawan dot com>
 To:  "Mitch (WebCob)" <mitch at webcob dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] RE: Firewalling /filtering IPSec tunnels...
 Date:  Fri, 23 Apr 2004 16:55:18 -0400 
Mitch (WebCob) wrote:

>Further to this question, is it possible (and how?) do you configure to
>allow clients at the end of IPSec tunnels to see each other?
>
>Consider 3 mono's - each with WAN and LAN.
>
>I want to connect A & B to C so that A & B can see C's private network , but
>ALSO so that A can see B.
>
>A & B CAN NOT be directly connected due to constraints of the service
>provider.
>
>A, B, and C can all have private lan subnets as required.
>
>Anyone care to point me in the right direction? Do I need to manually add
>routes after establishing the tunnels or ?
>
>Thanks.
>  
>
I would imagine that you would need to add C's network to A's SA with B 
and A's network to C's SA with B.  That should get the packets to B at 
least, whether or not it will forward them back out another tunnel is 
probably the clenching factor.