News: This forum is now permanently frozen.
Pages: [1]
Topic: Site to Site VPN Routing Problems  (Read 1863 times)
« on: June 19, 2008, 10:01:24 »
pwfraley *
Posts: 2

Hi all,

I have a problem with IPSec VPN.  I have two Sites:

Site 1:
IP Adress space: 10.0.0.0/255.255.255.0
M0n0wall 1.3B11 Hooked up to Cable Internet

Site 2:
IP Adress space: 10.0.2.0/255.255.255.0
M0n0wall 1.3B11 Hooked up to Cable Internet


Site 2, also has these networks behind a second m0n0wall also running 1.3B11, which is connected to a T1
DMZ (with Public IP's)
PUB (With Public IP's)

Now the two sites are connected with an IPSek VPN over the Cable Internetconnection.  I can reach both Networks without a problem.

But when I try to reach the second M0n0wall on Site 2 (the one hooked up to the T1 and DMZ Network) nothing happens.  I can not ping it, I can not access the Webinterface and I can not get access to the DMZ Zone.

I have setup routing in the Site 1 Settings to route the DMZ to the M0n0wall on Site 2.  I have setup the second M0n0wall in Site 2 to route the 10.0.0.0 traffic to the first monowall.  But no luck

Can someone help, please ...

« Reply #1 on: June 19, 2008, 17:04:49 »
markb ****
Posts: 331

Hi all,

I have a problem with IPSec VPN.  I have two Sites:
Mono 1
Site 1:
IP Adress space: 10.0.0.0/255.255.255.0
M0n0wall 1.3B11 Hooked up to Cable Internet
Mono 2
Site 2:
IP Adress space: 10.0.2.0/255.255.255.0
M0n0wall 1.3B11 Hooked up to Cable Internet
Mono 3
Site 2, also has these networks behind a second m0n0wall also running 1.3B11, which is connected to a T1
DMZ (with Public IP's)
PUB (With Public IP's)


Hi,
From reading what you have explained, these are the static routes I believe you need.  I have identified the 3 different Monowall boxes in bold above in the quote.

Mono 1
10.0.2.0/24 Via IPSec VPN Mono 2 end address
DMZ segment - Via IPSec VPN Mono 2 end address

Mono 2

10.0.0.0/24 - Via IPSec VPN Mono 1 end address
DMZ segment - Mono 3's 10.0.2.0/24 subnet (LAN) IP address

Mono 3
10.0.0.0/24 - Mono 2's LAN IP address

I believe that the reason you cannot see Mono 3 is because it does not know how to reach 10.0.0.0/24

I have setup the second M0n0wall in Site 2 to route the 10.0.0.0 traffic to the first monowall.  But no luck

How does Mono 3 know how to get to Mono 1? This should point to Mono 2 as it knows how to get to the 10.0.0.0/24 segment.

Hope I have understood you and this helps.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines