I would to help with this but I have to admit that this is a new prospect for me. Let me know how it turns out and it would be nice if we could document this behavior.
On 8/3/05, alan walters <[EMAIL PROTECTED]> wrote: > Ok I have made a bit of progress with this one. > I have setup a vpn by editing the xml file in the vpn section > > The local vpn is configured like so > The remote subnet becomes 0.0.0.0/0. > > At the remote end I made a outbout nat rule for my local subnet > And added firewall rules to allow those out my remote LAN. > > the traceroute to www.google.ie completes in a lot less hops than it > would via our route 14 instead of 22. I checks the firewall on the > remote end and it seems to be gatewaying the traffic as well. > > The problem seems to now be that out of the fourteen hops on the new > route > 9 of them seem to time out. Would love some insight into this. > > I am now going to look into the static route bit as well. And see if > trying to tie the gateway down better helps. > > I believe one of two issues would now apply. Either the nat on the far > end is causing a problem. Or something that I just don't understand > > > Regards alan > > > > > I think there's somebody doing this with m0n0wall. I recall it being > discussed on the list in the past. I believe how they accomplished it > was adding a site to site VPN, then adding a static route on the LAN > for 0.0.0.0/0 (i.e. everything; this route wasn't possible in the GUI > without changing the code, not sure if that's been changed here or > not) pointing to the other end LAN side of the VPN tunnel. I could be > way off on that though, it's been a while. > > Worth a shot at least, might also want to google with site:m0n0.ch to > see if you come up with anything. > > > > Is it possible to route all traffic from opt1 across an ipsec vpn. > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]