On Mon, 6 Sep 2004, John Tran wrote:

> I have two monowall boxes at two locations, each with it's own subnet, 
> and I am interesting in accessing between the two subnets using IPSEC.  
> I've configured the two monowall boxes according to 
> http://www.m0n0.ch/wall/docbook/ipsec-tunnels.html
> 
> But here is a small twist, on the second subnet, on one of the nodes, 
> running Linux, I also have a second NIC with real IP assigned to eth0.  
> For some reason, I cannot seem to ping between the two.  Here is the 
> complete setting:
> 
> Site 1:
>     monowall
>     WAN = 11.22.33.17 (not real ip of course)
>     LAN = 192.168.1.0/24
>     compute nodes
>     192.168.1.{4,5,6}
> 
> Site 2:
>     monowall
>     WAN = 99.88.77.65 (not real ip of course)
>     LAN = 192.168.2.0/24
>     compute node
>        eth1: 192.168.2.1
>        eth0: 99.88.77.66 (not real ip of course)
> 
> I was able to connect ping between the two nodes when I did not have 
> eth0 on the compute node at site 2.  Any thoughts or suggestion would be 
> greatly appreicated.  Oh btw, the routing table is as followed:

When you added eth0, its gateway became the default gateway, and hence it
now gets any traffic not directed to 192.168.2.x.  Add a static route (on
the compute node) to 192.168.1/24 via 192.168.2.? (the unstated m0n0wall
LAN IP).

					Fred Wright