[TriLUG] Same interface routing w/ m0n0wall
Kevin Otte
nivex at nivex.net
Wed Nov 8 15:56:23 EST 2006
Short version: m0n0wall doesn't appear to be forwarding packets on the same
interface they were received. Any ideas?
Longer version:
I'm working to set up a VPN to yet another site, and we're having some
problems with the m0n0wall on his end. If I may digress into some ASCII
art:
inet inet
| |
routerO routerP
/ \ 10.0.1.x / \
deskO vpnO -- vpnP deskP
172.31.3.x 192.168.10.x
deskO can ping routerP and vice-versa, but not deskP. routerO is a Linux
system (OpenWRT) and routerP is a FreeBSD (m0n0wall). The problem appears
to be that the m0n0wall isn't forwarding packets from deskP to 172.31.3.x
because the source and destination for the packet is the LAN interface.
We've been crawling all over the settings, verifying the static route is
valid and that the firewall rules permit such a route, but no forwarding is
occurring. Obviously we're missing the magic bit.
--
Kevin Otte, N8VNR
nivex at nivex.net
http://www.nivex.net/
-=-
"Those who cannot remember the past are condemned to repeat it."
-- George Santayana
"It seems no one reads Santayana anymore."
-- Cdr. Susan Ivanova, Babylon 5
More information about the TriLUG
mailing list