Topic: Routing traffic across the VPN  (Read 2075 times)
« on: December 20, 2011, 19:24:34 »
aqualityplace *
Posts: 10

I have a problem with routing and I am not sure if this is possible.

We have 2 dedicated monowall appliances for our VPN tunnel 172.16.100.252 - 172.16.101.252

On the 172.16.101.0/24 network we have another firewall which routes traffic to our DMZ network 172.17.101.0/24

I think I have set up the correct static routes to work. Devices on the DMZ network can ping the 172.16.101.252 device, but they can't ping the monowall appliance on the other network 172.16.100.0/24

If I do a trace route on a machine in the DMZ network for an IP on the 172.16.100.0/24 network, its last hop is 172.16.101.252, so it's going in the right direction. I added allowed firewall rules on both monowall appliances as I was seeing dropped packets. I no longer see any dropped packets but I still can't ping between the 17.17.101.0/24 and 172.16.100.0/24 networks

Any ideas?
« Reply #1 on: January 05, 2012, 03:00:27 »
cmb *****
Posts: 851

You have to make sure the networks you need to traverse the VPN appropriately match your local and remote subnets for IPsec. You may need a second IPsec connection if you can't CIDR-summarize the involved subnets (e.g. two /24s into a /23, or similar).
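
The subnet check described in the reply above, as an added example (not part of the original thread and not m0n0wall code). It assumes the existing tunnel is defined between the two /24s named in the question; the host addresses and the `10.0.0.0/24` remote are constructed for illustration.

```python
import ipaddress

def smallest_supernet(nets):
    """Return the smallest single CIDR block containing every network in nets."""
    nets = [ipaddress.ip_network(n) for n in nets]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()  # widen by one prefix bit
    return candidate

def summarize(local_nets, remote_net):
    """Check whether local_nets fit one selector without touching remote_net."""
    summary = smallest_supernet(local_nets)
    wanted = sum(ipaddress.ip_network(n).num_addresses for n in local_nets)
    return {
        "summary": str(summary),
        # exact: the block holds nothing beyond the listed (non-overlapping) nets
        "exact": summary.num_addresses == wanted,
        # True when the summary would also cover the remote subnet
        "overlaps_remote": summary.overlaps(ipaddress.ip_network(remote_net)),
    }

def selector_matches(src, dst, local_net, remote_net):
    """True if a packet src -> dst falls inside one local/remote subnet pair."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(local_net)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(remote_net))

if __name__ == "__main__":
    REMOTE = "172.16.100.0/24"
    LAN, DMZ = "172.16.101.0/24", "172.17.101.0/24"
    # Host addresses below are constructed for illustration.
    dmz_host, remote_host = "172.17.101.10", "172.16.100.10"
    # The thread's two local-side networks against the remote network.
    print(summarize([LAN, DMZ], REMOTE))
    # Two adjacent /24s that do collapse into a /23 (constructed remote).
    print(summarize(["172.16.100.0/24", "172.16.101.0/24"], "10.0.0.0/24"))
    # DMZ traffic against the assumed existing LAN-to-remote subnet pair.
    print(selector_matches(dmz_host, remote_host, LAN, REMOTE))
    # The same traffic against a second DMZ-to-remote subnet pair.
    print(selector_matches(dmz_host, remote_host, DMZ, REMOTE))
```

For the subnets in the question the only common block is 172.16.0.0/15, which is not exact and also covers 172.16.100.0/24, so the reply's second-connection case applies rather than a summarized one.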
 