PPTP VPN using MPD behind NAT help needed
Mike Jakubik
mikej at rogers.com
Wed Jul 14 20:37:02 PDT 2004
Motonori Shindo said:
>> > This seems like a DSL router's problem. Because PPTP encapsulates PPP
>> > using GRE, which is neither TCP nor UDP, routers sometimes can not NAT
>> > PPTP traffic. Some router conqurs this problem by simply "passing
>> > through" GRE packets (and hence this feature is sometimes called "VPN
>> > Pass Through") assuming there is only one PPTP client behind NAT. What
>> > you are seeing is most likely this case.
>> >
>> > There are, however, routers with more intelligence in this regard,
>> > which is capable of handling GRE over NAT with many clients. 'natd'
>> > included in FreeBSD is one of such "smart" NAT implementation.
>>
>> Thanks, but what has me concerned is that fact that one client can
>> connect
>> just fine. I belive they are using a watchguard firebox as their
>> firewall.
>
> "One client works just fine but not two or more clients
> simultaneously" is a typical symptom you'll see when NAT device does
> simple "VPN Pass Through".
I never said simultaneously, i mean that only one of them can connect.
They are not all connecting at once.
>> Aother strange thing is that we have had a Windows 2003 server behind
>> this
>> Dlink router, and VPN worked with the Windows server. This is what led
>> me
>> to belive that it may be something else.
>
> Do you mean you used Windows 2003 Server as a PPTP server or a PPTP
> client? If you used it as a PPTP client, did it always work OK with
> other PPTP clients simultaneously through that DLink router?
>
> Regards,
Yes, as a PPTP server. Also, we have no problems establishing more than
one outgoing PPTP connection via this router.
Thanks.
More information about the freebsd-net
mailing list