From owner-freebsd-net@FreeBSD.ORG Thu Jul 15 02:15:54 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7230916A4CE for ; Thu, 15 Jul 2004 02:15:54 +0000 (GMT) Received: from CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com (CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com [69.193.41.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 42E7B43D48 for ; Thu, 15 Jul 2004 02:15:54 +0000 (GMT) (envelope-from mikej@rogers.com) Received: from localhost (localhost [127.0.0.1]) with ESMTP id EF9952954C4; Wed, 14 Jul 2004 22:15:50 -0400 (EDT) Received: from CPE000103d44c07-CM000f9f7ae88c.cpe.net.cable.rogers.com ([127.0.0.1])10024) with ESMTP id 45942-09; Wed, 14 Jul 2004 22:15:49 -0400 (EDT) Received: from 192.168.0.1 (localhost [127.0.0.1]) with ESMTP id 3E97C2954C3; Wed, 14 Jul 2004 22:15:49 -0400 (EDT) Received: from 192.168.0.200 (SquirrelMail authenticated user mikej); by 192.168.0.1 with HTTP; Wed, 14 Jul 2004 22:15:49 -0400 (EDT) Message-ID: <3545.192.168.0.200.1089857749.squirrel@192.168.0.200> In-Reply-To: <20040715.103834.59465255.mshindo@mshindo.net> References: <62362.66.11.183.182.1089822939.squirrel@66.11.183.182> <20040715.103834.59465255.mshindo@mshindo.net> Date: Wed, 14 Jul 2004 22:15:49 -0400 (EDT) From: "Mike Jakubik" To: "Motonori Shindo" User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal X-Virus-Scanned: by amavisd-new at fbsd.wettoast.net cc: freebsd-net@freebsd.org Subject: Re: PPTP VPN using MPD behind NAT help needed X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jul 2004 02:15:54 -0000 Motonori Shindo said: > Mike, > > This seems like a DSL router's problem. Because PPTP encapsulates PPP > using GRE, which is neither TCP nor UDP, routers sometimes can not NAT > PPTP traffic. Some router conqurs this problem by simply "passing > through" GRE packets (and hence this feature is sometimes called "VPN > Pass Through") assuming there is only one PPTP client behind NAT. What > you are seeing is most likely this case. > > There are, however, routers with more intelligence in this regard, > which is capable of handling GRE over NAT with many clients. 'natd' > included in FreeBSD is one of such "smart" NAT implementation. > > Regards, Thanks, but what has me concerned is that fact that one client can connect just fine. I belive they are using a watchguard firebox as their firewall. Aother strange thing is that we have had a Windows 2003 server behind this Dlink router, and VPN worked with the Windows server. This is what led me to belive that it may be something else.