[pptp-server] Multiple masqueraded clients

Tom Owen taro at nub.co.uk
Fri Aug 10 04:00:18 CDT 2001 

Thanks to Pete Starzewski and Jamin Collins. As I 
understand the replies, the absence of any subaddressing in 
GRE means that poptop and any other pptp server can't tell 
the difference between the two clients behind the 
masquerading router. So that would explain the frenzies of 
packet-out-of-order messages. Amazing it worked at all. 
Live and learn.


>  >> All is well when a single PC uses its VPN connection. It is
>  >>also fine for a second user. But when either user closes
>  >> the connection, both connections drop.
> 
>  >You shouldn't even be able to make the second connection at all.
> 
> 
> Yes and no....  There is an initial tcp connect (I am assuming for the 
> login, initial connect and tunnel negotiation) and then the primary 
> connection for the tunnel itself is done with GRE which is more or less a 
> "raw" connection.  Theoretically, under a specific set of conditions, you 
> could negotiate multiple connections over the TCP channel and even 
> negotiate multiple tunnels.  Just don't try to actually use them.
> 
>  >There has been some discussion about this.  The PoPToP currently >follows the
>  >RFC which doesn't allow for multiple connections from one IP.  Some >people
>  >want to violate the RFC for the sake of functionality.  However I don't know
>  >of anyone actually working on something of this nature.
> 
> The RFC for pptp really doesn't have anything to do with it.  The problem 
> stems from the use of GRE for the tunnel.  If you eliminate GRE from pptp, 
> then you really have a brand new protocol.  Rather than re-inventing the 
> wheel, might I suggest IP-SEC?
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
> 


-------------------------------------------------------------
NUB Support Ltd -- Helpdesk: helpdesk at nub.co.uk 020 7553 9029  
Voice: 020 7553 9020 Fax: 020 7553 9021 
http://www.nub.co.uk   17 Dufferin Street, London, EC1Y 8PE
"It's like having your own IT department!"

More information about the pptp-server mailing list