[pptp-server] multiple users with PoPTop
Charles Sinsofsky
CSinsofsky at FUTUREWAY.CA
Fri Aug 18 12:47:11 CDT 2000
Hello all,
I have successfully implemented the VPN on my Linux Red hat 6.2,
with pptp 1.001. and pppd 2.3.11 and the mppe patch all works fine, I can
login etc..
My question is with 'multiple' users, I am wondering about conflicts
with VPN usage when multiple users login to my VPN server through my
IPchains firewall.
I noted in the VPN howto about needing to add Call-ID into the
Kernel to permit multiple concurrent sessions of users with windows 95/98/nt
outside on the internet to connect to my VPN (using a pptp ms-vpn adapter)
to my poptop server on the Linux firewall machine. The question is, I can
not find this 'Call-ID' in the kernel???
so far I have successfully deployed the system, I have logged into
from two different dial-up ISP's and from a cable modem. all worked fine
permitted me to connect to the VPN and then establish the connection, and
then use my ms-exchange server, all worked fine.
In a test, I logged online with my home network, this time using two
different pc's from my internal network...they feed up to the internet
through another ip-masqing Linux machine. I established one VPN connection,
all was fine, I then established another from another point in my home
network *another windows 98* machine, I logged online to the VPN with a
totally different username and password.....here is where the problem began,
I noticed in the /var/log/messages that GRE packets became out-of-sync....am
I merely experiencing this problem because both of my VPN connections came
from a single net-id ??? or will my system only permit one - user to login
to the VPN at any given time, because GRE packets get confused with many
users?
Currently in the pptpd.conf file I use only one local ip address,
with a range of 10 external addresses. the documentation is not really clear
here, is my problem related to the one-local ip address? how come? the
packets are defined, it should not mix-them up?? or should I use multiple
-local-ip address for the other side of the VPN to ensure that GRE packets
are not confused?
I have yet to test it with totally -2- different ip address out on
the net. tonight I will use my dial-up connection for point 1 to the vpn and
my cable modem for point 2 to the vpn, and see what happens.
I could easily have the potential for 30 users using the VPN at a
given time...so far I have only seen one-user run properly in real time.
My personal computer is a Pentium III 450mhz with 128megs of ram,
and 10 gigs of disk space. This should easily permit 30 users for VPN
access??
anyone have stats with regards to VPN usage with multiple users?
have anyone experienced GRE packet problems with regards to multiple
connections i.e.: multiple users on the vpn..external ...coming into the
corporate network ...I use it for email ms-exchange use'
I am willing to share my experiences with anyone ...the vpn works
great with exchange...I used the seawall firewall (which is excellent) on
both my systems at home and at the office. I have done vpn's both ways to
and from my home network. and have users logging into the vpn at the office
for their email on ms-exchange. but so far deployment has been slow due to
my concern with multiple users issues?
- Thank you.
- Charles Sinsofsky
Systems Architect - Futureway Communications
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.schulte.org/mailman/private/pptp-server/attachments/20000818/c7293a3e/attachment.html>
More information about the pptp-server
mailing list