[pptp-server] Re: [similar problem, second posting

[Shekhar Joshi]

hi
i too have a similar problem, iposted my message yesterday, but as yet
no one has answer it, jut to be on record i am posting it again
i am trying to implement a gateway-firewall solution using iptables on
redhat 7.1, i also need to allow incoming vpn connections using pptp,
and also need to allow around 15-20 outgoing vpn connections to a remote
network.
well allowing incoming connections through important is not urgent, but
yes i need to be able to allow the outgoing vpn connections. 
currently i have just SNAT'd the vpn clients and allowed the the ports
1723 and protocol 47, does anyone have any detailed step by step info on
how to implement the above.
as of now i am able to allow outgoing vpn connections but the max limit
is 4, why does it not allow more connections any ideas? actually after
more than 4 connections, the client is able to authenticate but later it
says infinitely trying port and hangs out on the w2k-vpn-client.

regards 
Shekhar

HVR wrote:
> 
> Earlier i wrote the section below, after studying the problem some more
> i realize i need to start hacking pptpctrl.c to allow for multiple
> tunnels per ip-pair. can anyone on this list help me with this
> enhancement? or point me to a (better) implementation of pptp that
> allows multiple tunnels. if i dont do this they will go with a microsoft
> solution :(
> 
> HVR wrote:
> 
> > i have multiple clients behind a linux box doing NAT/MASQ: the first
> > client can connect just fine but once i start a 2nd one it somehow uses
> > the same tunnel and things get really screwy.
> >
> > i searched the archives and found the trick to use ip aliasing on the
> > pptpd server but then all the clients need to know which ip is free and
> > which is used. another problem is that i will have dozens of clients so
> > extra ips are not a scalable solution.
> >
> > now i am aware that this will break the pptp standard, but i have been
> > told that the M$ implementation of pptp server will do this just fine
> > buti really would like to create a linux based solution (if only to show
> > them you do NOT need windows in here).
> >
> > Any leads/pointers on how i can solve my problem, if need be i will hack
> > up the source code for pptpd, if someone can tell me were to start looking.
> >
> > H.
> >
> > _______________________________________________
> > pptp-server maillist  -  pptp-server at lists.schulte.org
> > http://lists.schulte.org/mailman/listinfo/pptp-server
> > --- To unsubscribe, go to the url just above this line. --
> >
> 
> _______________________________________________
> pptp-server maillist  -  pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --