 From:  "szebi5" <szebi5 at freemail dot hu>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  IPSec VPN Routing problem
 Date:  Fri, 20 Aug 2004 00:44:16 +0200
I have a problem with IPsec. I have set up a net-net VPN described below
between my office (using Linux+FreeS/WAN) and home (using m0n0).

	lan ip:				lan ip:
	m0n0 lan ip:				linux ip:

The VPN works fine between any 2 hosts on the network, but not between m0n0
and the office network. The same problem arises with Linux too. The cause was
that when I tried to send a packet from the router, the source ip was the
WAN ip, and it got routed via the ISP's router, not the tunnel. It was
resolved by inserting the following command in an updown script for

	ip route replace %m0n0_WAN_IP% via %linux_gateway% dev ipsec0 src

So I can ping anything on my home net, including m0n0, and I'd need to do
the same from m0n0 too, especially so I could set up a DNS forwarder for the
office DNS server. Since I installed m0n0 today, and this is the first BSD
system I use, I don't know how I can replace the Linux "ip route" commands
under BSD.

Thanks for your help.

Zsolt Szeberenyi
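
The behaviour described in the message, as an added example that is not part of the original post: a net-to-net tunnel only carries packets whose source and destination both fall inside the policy's subnets, so traffic the gateway originates from its WAN address misses the tunnel and leaves by the default route unencrypted. All addresses are constructed, and `select_path`, `pick_source` and `trace` are hypothetical names modelling a simplified selector match, not m0n0wall or FreeS/WAN code.

```python
import ipaddress

# Constructed addresses; the real ones are not shown in the post.
HOME_LAN = ipaddress.ip_network("192.168.1.0/24")
OFFICE_LAN = ipaddress.ip_network("192.168.2.0/24")
HOME_GW_LAN_IP = ipaddress.ip_address("192.168.1.1")
HOME_GW_WAN_IP = ipaddress.ip_address("203.0.113.10")
HOME_HOST = ipaddress.ip_address("192.168.1.20")
OFFICE_HOST = ipaddress.ip_address("192.168.2.50")

# Net-to-net policy as seen from the home gateway: (local subnet, remote subnet).
TUNNEL_POLICIES = [(HOME_LAN, OFFICE_LAN)]


def select_path(src, dst, policies=TUNNEL_POLICIES):
    """Return 'tunnel' when (src, dst) matches a policy selector."""
    for local_net, remote_net in policies:
        if src in local_net and dst in remote_net:
            return "tunnel"
    # No selector matched: the packet follows the ordinary routing table.
    return "default-route"


def pick_source(preferred_src=None):
    """Model source selection for traffic the gateway itself originates.

    Assumption: with no source hint the stack uses the address of the
    egress interface of the default route, i.e. the WAN address.
    """
    return preferred_src if preferred_src is not None else HOME_GW_WAN_IP


def trace(dst, preferred_src=None):
    """Return (source address used, path taken) for gateway-originated traffic."""
    src = pick_source(preferred_src)
    return str(src), select_path(src, dst)


if __name__ == "__main__":
    # LAN host to LAN host: both ends inside the selector.
    print("host -> office:", select_path(HOME_HOST, OFFICE_HOST))
    # Gateway with no source hint: WAN address, selector misses.
    print("gateway, no hint:", trace(OFFICE_HOST))
    # Gateway forced to use its LAN address: selector matches.
    print("gateway, LAN src:", trace(OFFICE_HOST, HOME_GW_LAN_IP))
```
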