 From:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>
 To:  "Jaap Prickartz" <jaap at tetra dot nl>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] central Ipsec gateway as a "tunnel hub"
 Date:  Thu, 9 Oct 2003 13:06:13 -0400
> OOPS, my previous mail was in HTML. Please ignore.
> Hi,
> I've been struggling with the following problem for quite some time and
> figure it out using monowall:
> I have got multiple subnets connected to a central one, let's say a few
> remote locations connected to our headquarters. I want to connect them all
> using Ipsec to permit communications between these remote locations. To
> avoid maintenance problems I do not want to use a mesh-topology.
> My situation:
> location a:
> location b:
> location c:
> location central:
> I've tried to set up tunnels to location central with remote subnet
> but this doesn't work. Also I tried with /24 tunnels and
> adding a static route, also no good results...
> So, does anyone have any ideas for me? Any help would be greatly
> appreciated!


I have exactly the same thing set up, and I found it necessary to use a
mesh-topology.  Only one of my machines is a m0n0wall, 3 are Netopia
routers, and one is a Cisco router.  All of them had to have tunnels
configured to get to the other subnet.  Using one as a central router didn't
seem to work, not to mention the amount of traffic that poor central router
would have to handle.

On a related note, I'd like to know how to establish 2 tunnels to 1
location.  I asked that question twice, with no answers.  I can do it with
my Netopia routers, and the Cisco, but when setting up a 2nd tunnel (for a
2nd subnet at the location) to the same location, the 2nd tunnel never
establishes, and I see absolutely nothing in the logs where it tries to