Photurisd questions

A few questions, any help is much appreciated -

I've got photurisd configured, and it seems to be working between the two
gateway machines.  I know that vpn(8) says that the gateway hosts must be
in the protected network, which means that I can't tunnel the private IP
addresses of the hosts behind these gateway hosts (right?).  My question is -
is there a workaround for this?  Doesn't this mean that I can't set up a
VPN for the hosts behind the two gateways, or have I misunderstood?

Also, I am currently using the default data in the photuris.conf file -
while I won't pretend to know what the modulus keyword is specifying - do 
these need to be "regenerated" specifically for my hosts or is it OK to use
the modulus statements in the photuris.conf that came with the distribution?

Lastly, what exactly is the secrets.conf file for?  I configured everything
per the vpn man page, and while running tcpdump I see proto-51 packets going
back and forth for the telnet session, but I have no idea where secrets.conf
comes into the picture.  I just make sure I use

startkey dst=<ip addr of other end> name=<the local name in the secrets.conf>

on both ends and it seems to work.  Is the "secret" just a passphrase, and
if so, where does it get used?