[ previous ] [ next ] [ threads ]
 
 From:  Fred Wright <fw at well dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Routing Problems - IPSEC & m0n0wall
 Date:  Sun, 27 Jun 2004 18:06:15 -0700 (PDT) 
On Fri, 25 Jun 2004, Justin Ellison wrote:

> The problem is that you're pinging from the WAN side, but your tunnel
> exists from your LAN IP's.  You need to change the source address from
> which you are pinging from to the LAN side.  Go to exec.php, and paste
> the following command in m0n0wall-1:
> 
> /sbin/ping -c 10 -S 192.168.90.4 192.168.100.250

The default source address is the IP address of the interface on which the
packet will be sent.  When pinging through a tunnel, that would be the IP
address of the *tunnel's* virtual interface.  The -S option is only needed
for testing fairly bizarre things.  And if it *were* needed, nothing else
would work, anyway, since there's no -S equivalent in most TCP/UDP
applications.

> This should work as expected.  If not, your tunnels aren't configured
> quite properly.

I'd guess the latter.

					Fred Wright