Ok I have made a bit of progress with this one. I have setup a vpn by editing the xml file in the vpn section
The local vpn is configured like so The remote subnet becomes 0.0.0.0/0. At the remote end I made a outbout nat rule for my local subnet And added firewall rules to allow those out my remote LAN. the traceroute to www.google.ie completes in a lot less hops than it would via our route 14 instead of 22. I checks the firewall on the remote end and it seems to be gatewaying the traffic as well. The problem seems to now be that out of the fourteen hops on the new route 9 of them seem to time out. Would love some insight into this. I am now going to look into the static route bit as well. And see if trying to tie the gateway down better helps. I believe one of two issues would now apply. Either the nat on the far end is causing a problem. Or something that I just don't understand Regards alan I think there's somebody doing this with m0n0wall. I recall it being discussed on the list in the past. I believe how they accomplished it was adding a site to site VPN, then adding a static route on the LAN for 0.0.0.0/0 (i.e. everything; this route wasn't possible in the GUI without changing the code, not sure if that's been changed here or not) pointing to the other end LAN side of the VPN tunnel. I could be way off on that though, it's been a while. Worth a shot at least, might also want to google with site:m0n0.ch to see if you come up with anything. > > Is it possible to route all traffic from opt1 across an ipsec vpn. > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
