Re: PPTP VPN using MPD behind NAT help needed

From: Mike Jakubik (mikej_at_rogers.com)
Date: 07/15/04

  • Next message: Motonori Shindo: "Re: PPTP VPN using MPD behind NAT help needed" 
    Date: Wed, 14 Jul 2004 23:36:57 -0400 (EDT)
To: "Motonori Shindo" <mshindo@mshindo.net>

    Motonori Shindo said:

    >> > This seems like a DSL router's problem. Because PPTP encapsulates PPP
    >> > using GRE, which is neither TCP nor UDP, routers sometimes can not NAT
    >> > PPTP traffic. Some router conqurs this problem by simply "passing
    >> > through" GRE packets (and hence this feature is sometimes called "VPN
    >> > Pass Through") assuming there is only one PPTP client behind NAT. What
    >> > you are seeing is most likely this case.
    >> >
    >> > There are, however, routers with more intelligence in this regard,
    >> > which is capable of handling GRE over NAT with many clients. 'natd'
    >> > included in FreeBSD is one of such "smart" NAT implementation.
    >>
    >> Thanks, but what has me concerned is that fact that one client can
    >> connect
    >> just fine. I belive they are using a watchguard firebox as their
    >> firewall.
    >
    > "One client works just fine but not two or more clients
    > simultaneously" is a typical symptom you'll see when NAT device does
    > simple "VPN Pass Through".

    I never said simultaneously, i mean that only one of them can connect.
    They are not all connecting at once.

    >> Aother strange thing is that we have had a Windows 2003 server behind
    >> this
    >> Dlink router, and VPN worked with the Windows server. This is what led
    >> me
    >> to belive that it may be something else.
    >
    > Do you mean you used Windows 2003 Server as a PPTP server or a PPTP
    > client? If you used it as a PPTP client, did it always work OK with
    > other PPTP clients simultaneously through that DLink router?
    >
    > Regards,

    Yes, as a PPTP server. Also, we have no problems establishing more than
    one outgoing PPTP connection via this router.

    Thanks.

    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Motonori Shindo: "Re: PPTP VPN using MPD behind NAT help needed"

    Relevant Pages

    • Re: Unable to make VPN connection to ISA 2006 Standard
      ... VPN client and the ISA. ... The PPTP filter will drop PPTP connections *any time* the PPTP VPN protocol ...
      (microsoft.public.isa.vpn)
    • Re: PPTP misery
      ... setting up & connecting new or existing PPTP VPN connection. ... You put on IAS and PEAP, were those on before you started this?? ... Sent via Windows Mail on Vista Ultimate connected to SBS R2 ... client that they had stopped working about a month before. ...
      (microsoft.public.windows.server.sbs)
    • Cisco Pix-501 6.1 VPN trouble
      ... PPTP server on the pix-501. ... "The Windows client can Telnet to host 192.168.0.2 through the global ... vpdn group 1 ppp authentication mschap ...
      (comp.security.firewalls)
    • poptop (pptpd) Problem
      ... Helo fellow FreeBSD users. ... machine using poptop (pptp). ... The setup at this client is as follows: ... redirect_port tcp 10.0.0.1:80 80 ...
      (comp.unix.bsd.freebsd.misc)
    • Re: VPN/PPTP
      ... It is forced to PPTP and it still ... have even re-installed the tcp/ip software on the server ... and client and that did not help. ... a VPN connection using microsoft windows or they have the ...
      (microsoft.public.windowsxp.work_remotely)