[ previous ] [ next ] [ threads ]
 
 From:  "Neil Schneider" <pacneil at linuxgeek dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Routing Problems - IPSEC & m0n0wall
 Date:  Thu, 24 Jun 2004 16:19:53 -0700 (PDT)
Andrew Thrift @ Home said:
> Hi All,
>
> I posted on here a few days ago but got no response.
>
>
> I have setup two m0n0walls with an IPSEC tunnel between them,  from
> the
> lan side of each m0n0wall I am able to ping accross the link with no
> problems.
>
> However when I use ping from the remote m0n0wall to the LAN segment
> over
> the IPSEC tunnel I get no response.
>
> m0n0wall-1 lan:   192.168.90.4/24
> m0n0wall-1 wan:   10.0.50.62
>
> m0n0wall-2 lan:    192.168.100.250/24
> m0n0wall-2 wan:    10.0.50.56
>
> so when I am on the web interface of 10.0.50.62 I cannot ping to
> 192.168.100.250 or 192.168.100.20 yet when I am on a machine on the
> 192.168.90.x network I can ping accross the ipsec tunnell to the other
> side.

You shouldn't be able to ping through the wan interface to the inside
subnet. M0n0wall is a firewall, pinging from the wan to the lan is
disabled by default, as it should be.

-- 
Neil Schneider                              pacneil_at_linuxgeek_dot_net
                                           http://www.paccomp.com
Key fingerprint = 67F0 E493 FCC0 0A8C 769B  8209 32D7 1DB1 8460 C47D

Fires can't be made with dead embers, nor can enthusiasm be stirred by
spiritless men. Enthusiasm in our daily work lightens effort and turns
even labor into pleasant tasks. --James Baldwin