PPTP VPN using MPD behind NAT help needed

Motonori Shindo mshindo at mshindo.net
Wed Jul 14 20:45:22 PDT 2004


Mike,

From: "Mike Jakubik" <mikej at rogers.com>
Subject: Re: PPTP VPN using MPD behind NAT help needed
Date: Wed, 14 Jul 2004 22:15:49 -0400 (EDT)

> > This seems like a DSL router's problem. Because PPTP encapsulates PPP
> > using GRE, which is neither TCP nor UDP, routers sometimes cannot NAT
> > PPTP traffic. Some routers conquer this problem by simply "passing
> > through" GRE packets (and hence this feature is sometimes called "VPN
> > Pass Through") assuming there is only one PPTP client behind NAT. What
> > you are seeing is most likely this case.
> >
> > There are, however, routers with more intelligence in this regard,
> > which are capable of handling GRE over NAT with many clients. 'natd'
> > included in FreeBSD is one such "smart" NAT implementation.
> 
> Thanks, but what has me concerned is the fact that one client can connect
> just fine. I believe they are using a WatchGuard Firebox as their firewall.

"One client works just fine but not two or more clients
simultaneously" is a typical symptom you'll see when a NAT device does
simple "VPN Pass Through".

> Another strange thing is that we have had a Windows 2003 server behind this
> Dlink router, and VPN worked with the Windows server. This is what led me
> to believe that it may be something else.

Do you mean you used Windows 2003 Server as a PPTP server or a PPTP
client? If you used it as a PPTP client, did it always work OK with
other PPTP clients simultaneously through that DLink router?

Regards,
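
The "one client works, two do not" symptom discussed in this message, as an added Python sketch that is not part of the original email and is not natd's code: a pass-through NAT that can only key GRE on the server address, beside one that keys on the Call ID field of PPTP's enhanced GRE header (RFC 2637). Class names, addresses and Call IDs are constructed for illustration, and the sketch assumes the two clients chose different Call IDs, which a real NAT cannot rely on.

```python
import struct

PPP_OVER_GRE = 0x880B  # protocol type of PPTP's enhanced GRE (RFC 2637)

def build_gre(call_id, seq, payload):
    """Enhanced GRE header: K and S bits set, version 1, then the PPP payload."""
    return struct.pack("!HHHHI", 0x3001, PPP_OVER_GRE, len(payload), call_id, seq) + payload

def parse_call_id(packet):
    """Return the Call ID of a PPTP GRE packet, or None if it is not one."""
    if len(packet) < 8:
        return None
    flags, proto, _length, call_id = struct.unpack("!HHHH", packet[:8])
    is_pptp = (flags & 0x2000) and (flags & 0x0007) == 1 and proto == PPP_OVER_GRE
    return call_id if is_pptp else None

class PassThroughNAT:
    """Simple "VPN Pass Through": GRE has no ports, so key on the server IP only."""
    def __init__(self):
        self.table = {}
    def outbound(self, inside_host, server_ip):
        self.table[server_ip] = inside_host  # a second client overwrites the first
    def inbound(self, server_ip, packet):
        return self.table.get(server_ip)

class CallIdNAT:
    """Call-ID-aware NAT: key on (server IP, Call ID) seen on the TCP/1723 control channel."""
    def __init__(self):
        self.table = {}
    def learn(self, inside_host, server_ip, client_call_id):
        self.table[(server_ip, client_call_id)] = inside_host
    def inbound(self, server_ip, packet):
        return self.table.get((server_ip, parse_call_id(packet)))

def simulate():
    server = "203.0.113.10"  # constructed addresses and Call IDs
    clients = {"192.168.0.11": 0x0101, "192.168.0.12": 0x0202}
    simple, smart = PassThroughNAT(), CallIdNAT()
    for host, call_id in clients.items():
        simple.outbound(host, server)
        smart.learn(host, server, call_id)
    # Packets from the server carry the receiving client's Call ID, one per tunnel.
    replies = {host: build_gre(cid, 1, b"\xff\x03") for host, cid in clients.items()}
    return ({h: simple.inbound(server, p) for h, p in replies.items()},
            {h: smart.inbound(server, p) for h, p in replies.items()})
```

Each returned dict maps the client a reply was meant for to the inside host the NAT actually delivers it to; in the pass-through case both replies land on the client that connected last.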



