News
:
This forum is now permanently frozen.
m0n0wall Forum
>
m0n0wall Support (English)
>
VPN
Topic: routing aditional addresses down IPSec tunnel
Pages: [
1
]
Topic: routing aditional addresses down IPSec tunnel (Read 2831 times)
routing aditional addresses down IPSec tunnel
« on: April 23, 2010, 01:37:35 »
vip32
Posts: 6
has anyone got any idea how to route more than just the specified network ip addresses down a IPSec tunnel. I have attempted it with Static routes but had no success. the current setup i have remote network is 10.0.0.X but i now need some traffic to go to some hosts on 10.1.0.X network with the router on the 10.0.0.X network as the gateway to the additional network segment. If anyone has a solution to this i would love to hear it
Cheers
Vip32
Re: routing aditional addresses down IPSec tunnel
« Reply #1 on: April 28, 2010, 16:50:33 »
Jackass
Posts: 8
In theory it is as simple as just adding those additional networks to the IPSEC configuration.
Re: routing aditional addresses down IPSec tunnel
« Reply #2 on: May 19, 2010, 11:59:19 »
vip32
Posts: 6
sorry for the delay in replying, i know in thory you would just add the aditional networks to the IPSec profile but there is no way to add more than 1 remote address to the profile. any ideas the best way to proceed?
Re: routing aditional addresses down IPSec tunnel
« Reply #3 on: May 19, 2010, 18:01:45 »
iridris
Posts: 145
Perhaps just set up a separate tunnel for each network?
Re: routing aditional addresses down IPSec tunnel
« Reply #4 on: May 31, 2010, 03:38:25 »
jenea
Posts: 3
same problem here.....
site1 (branch)
=================================================
Internal: 192.168.30.0/24
site2 (main)
=================================================
firewall1
-----------
external: public IP
Internal: 172.16.10.1/24
firewall2
-----------
external: 172.16.10.2/24
internal: 192.168.45.0/24
- Monowall from site1 connects to firewall1 (192.168.30.0/24 to 172.16.10.1/24)
- Was not able to route traffic to 192.168.45.0/24 by using static routes on the fw in site1
- Currently using Nats on firewall2 (site2) to connect to different hosts behind Fw2
Need to send traffic from 192.168.30.0/24 to 192.168.45.0/24
Any suggestions?
Re: routing aditional addresses down IPSec tunnel
« Reply #5 on: June 01, 2010, 07:07:41 »
jenea
Posts: 3
.... it worked (2nd vpn tunnell)
=======================================
- brought up a second vpn tunnel to the same peer for different subnets...
- added a route on firewall1 (main site)..... 192.68.0.0/2 to point to firewall2.....
- added new rules on firewall1 (main site) .... to ecrypt/decrypt traffic and for the new subnets.....
thank you for the idea.......
Pages: [
1
]