[ previous ] [ next ] [ threads ]
 From:  Melvin Backus <melvin at sleepydragon dot net>
 To:  Peer Dicken <peer at dicken dot name>, m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Routing / NAT issue
 Date:  Wed, 29 Sep 2004 05:57:46 -0400
At 04:37 AM 9/29/2004, Peer Dicken wrote:

>Am 28.09.2004 um 16:14 schrieb Peer Dicken:
>>My client's lan is / 24. We need to establish a tunnel to
>>another network with
>>I know this is - ahh - difficult. I want to get around it and created
>>a VLAN interface / 24 which is used as the local
>>subnet in the ipsec definition.
>>I can ping hosts on the other side, from the firewall. What do I need
>>to do to ping from the LAN? I think I need NAT or
>>something. Please help me a little.
>I thought I could do this with outbound NAT, but it does not work. Does
>really nobody have a hint for this problem? I want to NAT our LAN,
>using the 192.168.233 network. The other LAN has a route to
>, which is the VLAN interface.

You appear to be trying to connect a VPN tunnel between 2 networks with 
overlapping addresses.  I'm not aware of any way to do this.  The LAN 
addresses have to be different in order for it to work since they get 
tunnelled through and show up on both sides.  That appears to mean one of 
them is going to have to be re-addressed.  Either that or I've totally 
mis-read your post, in which case I have no clue.   :)

Whom computers would destroy, they must first drive mad.

Melvin Backus
Principal Wizard
Sleepy Dragon Enterprises