[pptp-server] PPTP masquerade && MS non-compliance
Charlie Brady
charlieb at e-smith.com
Fri Jun 22 14:16:44 CDT 2001
On Fri, 22 Jun 2001, Jamin Collins wrote:
> Charlie Brady [mailto:charlieb at e-smith.com] wrote:
> > The masquerading server does not have the authentication
> > information to create a server to remote server route, nor
> > should it create such a route for all its masqueraded
> > clients, as multiple clients probably don't have
> > authorization to send or receive packets from that remote server.
>
> I never said that it should, I simply stated that a single machine should
> make the connection and control the routing of any additional connections.
The same argument would apply to any other machine doing the routing. That
machine cannot control the authorization of additional connections.
> are talking. You appear to be concerned with unauthorized access, this can
> be controlled via many different mechanisms (many of which are more secure
> than individual VPN connections from individual workstations).
I'm unaware of any extended authorization mechanisms which are supported
by the PPTP protocol.
--
Charlie Brady charlieb at e-smith.com
http://www.e-smith.org (development) http://www.e-smith.com (corporate)
Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739
e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada
More information about the pptp-server
mailing list