General Questions

Hi all,

I try to describe my problem and I need to know if I can solve with m0n0wall;

I have now a Dlink DFL800 as an internet firewall; Now, as a default gateway I use a Cisco 2600. With this CISCO I made all VPN's and I redirect all trafic (except VPN) to the DFL 800.

Now, I want to make another project and I need to use insteed Cisco a m0nowall. My question is: I can make a simillar rule to redirect all internet trafic to another firewall (Untangle 5.03) and to make VPN's and routing with monowall?

I will try to make also a drawing to be more explicit!
Here is the drawing:
(http://photos.smc.ro/m0n0/m0n0.jpg)

I'm not sure if in Static routes I can make something...

Thank you

(I have a simmilar post in Trafic S. Section)

This should be possible.  you would need to set the Monowall up with the internet firewall as it's default gateway and then set up static routes for your VPN subnets.

so, if I understand well you sugest me to change the default gateway to Firewall (in this case Untangle)?

Personal I prefer to have m0n0wall as default gateway because I want to redirect the internet from other locations to the same firewall (untangle); so I will have only one internet gateway...

Reading your post again, I am actually not sure that you can do exactly what you are looking to do with 1 monowall.  Essentially you are trying to use 2 WAN links and monowall doesn't yet support this.  However if you VPN isp is only being used to route the VPN links and the far points all have static IP's it might be possible.
How is the second ISP link terminated?

the ideea is: I have 3 locations. all of them are connected one to another with 10Mbps (but only one to another not to all internet); I will name them LOC 1, LOC 2 and LOC 3

Now, in LOC 1, I have also another provider who give me access to internet with 5Mbps. Now, I use monowall to connect all locations in one network but, I need to give them also direct access to internet and the only gateway is trough LOC 1

M0n0 work only with static routes...and not with source route...

I hope someone can give me a good answer!

Thank you!

[Loc2 & 3:]

what link is betwen these locations?
are they connected via VPN(eg IPSec) over Internet or are they directly connected?
if they are directly connected i would do it this way:
Loc2 & 3:
Router(eg monowall): WAN: link&gateway to Loc1.monowall

Loc1:
Mono(best with 3 NICs):
WAN <-> Untangle (untangle as default gateway)
LAN <-> LAN
OPT1 <-> the other locations
Rules: allow traffic from LAN, OPT1 to anywhere(if the locations should "see" each other)
have the locations the same subnet? or are the nets different?

if these locations are connected over the internet, why dont u let Loc2 & Loc3 acces the net by their own internet connection and only route the Traffic to the other locations throu vpn/monowall?

hope i understood the problem right.

grz dnn