> The routes on the lan's are set up correctly to forward traffic to the
> m0n0. I think it is part 2 that is having the problem. I can't add the
> route to the remote networks using the remote mono as the gateway as
> m0n0 then complains that its not on the local lan with the following
Typical routing issue: a given gateway *must* be on the local network.
It must be the first router on the path. This explains the error message
in the logs...
Host A - Router R1 <-> Router R2 - Host B
If host A need a route to host B, the gateway must be Router R1, *not*
R2. In fact, R1 and R2 know each other as they are directly connected.
More, in the case you only have one router for a subnet, it's called the
It's difficult to give you a precise answer for your problem. I must
tell you I don't understand you exact network topology: would it be
possible to give us more info on the networks numbering scheme and the
What I imagine is:
+- Network 172.a.b.c
192.168.x.0/24 - [mOn0 A] - VPN Link - [mOn0 B] - Network 172.d.e.f
+- Network 172.g.h.i
If it's right, on 192.168.x.0/24, you have mOn0 A as the default
gateway. But m0n0 A itself use your ISP router as its default gateway.
And The VPN just creates the static route for m0n0 B's LAN *only*.
Further networks are not known by m0n0 A.
So, You need to add 3 static routes to the 172. networks on m0n0 A,
using m0n0 B as the gateway (on its VPN-side interface). Notice: mOn0 B
should already have routes for all 172. networks.
This is how I see your problem. I may be totally wrong... Let me know.