GRE Limitation
Chris Buechler
cbuechler at gmail.com
Fri Jul 18 12:23:39 UTC 2008
On Fri, Jul 18, 2008 at 6:03 AM, Rudi Kramer - MWEB <rkramer at mweb.com> wrote:
>
> I had the same issue and when I checked with our ms-admin team they said
> it was a Microsoft limitation.
>
No, it's an issue with many NAT implementations and how they handle
state for the GRE protocol. pf only tracks source IP, dest IP and
protocol. It has to do something more advanced, like tracking by GRE
call ID in addition to src/dst, to track connections in this manner.
Chris
More information about the freebsd-pf
mailing list