
photurisd -- once again



I think I've discovered a problem in photurisd.  I've a machine with
the address 10.1.1.2 doing photuris key exchanges with a machine with a
public address.  The local machine (10.1.1.2) is being translated to a
public address on its way to the other machine, but when photuris sets up
its encapsulated routes, both machines are unable to reach each
other--traceroute doesn't even go to the next hop.  When I change 10.1.1.2
to a public address with a static translation (rather than nat) on my
firewall, things work dandy.  This is a real problem here, as I have to
use a private address in order to route traffic through the machine over
the encrypted line to my other peer.  (I'm not doing tunneling; I'm going
to use ipf and translate everything that goes through 10.1.1.2 to 10.1.1.2
as done with ppp dialups.)

I hope I explained my situation well enough.  Has anyone else used
photurisd in a situation such as this?

Thanks,
Scott 

