[pptp-server] pptpd questions/info newbie...
Jordan Share
iso9 at phantasticant.com
Fri Oct 5 14:45:34 CDT 2001
Are all your clients behind the same NAT? Or is each behind their own?
Most NAT solutions that I've encountered recently work fine with a client behind the NAT box. IIRC, the linux-based NAT will even allow you to have multiple PPTP clients behind the same NATted IP address, as long as they all connect to different PPTP servers.
If you have your clients behind the same NAT box, perhaps it supports IPSec? You can use FreeS/WAN on the linux side to create IPSec-based VPNs.
Jordan
-----Original Message-----
From: pptp-server-admin at lists.schulte.org
[mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Dean Roman
Sent: Friday, October 05, 2001 2:31 AM
To: pptp-server at lists.schulte.org
Subject: Re: [pptp-server] pptpd questions/info newbie...
Martin Feeney wrote:
>
> On Thu, 04 Oct 2001 11:51:56 Dean Roman wrote:
>
> > 1) Will PPTP work with the win2k clients behind NAT'd firewalls (like a
> > cable modem running NAT)?
>
> This is your biggest problem - probably not unless you can port forward
> port 1723 and protocol forward protocol 47(GRE). And it'll only work for
> one machine behind each NAT firewall.
>
When I try it, I'll let the group know if it works for me or not.
Any other ideas as to a good VPN solution that solves this problem,
given that I have all windows boxes on the client side behind NAT, and
Linux on the server side?
> > 2) Does the basic package found in woody WITHOUT any patches support any
> > kind of encryption mechanism?
>
> Nope, but if you trust me not to do anything nasty, I can send you a .deb
> with mppe and smb-stripdomain patches.
I would be very gratefull for this as I have been scratching my head
trying to figure out how to get the ppp patches correctly built in, then
into a deb package. (the ppp .debs you have, I'm assuming, are for ppp
2.4.1 and the newest pptpd)?
>
> Then you can also install the kernel-patch-mppe package and apply it to
> your kernel.
The kernel-patch-mppe I have already installed. I didn't see that one
until Neale Banks gave me the scoop...thanks Neale.
>
> This should also take care of questions 3,4,6 and 7.
>
> > 5) Is the concept the same as that for a regular dialup connection using
> > ppp?
>
> Yes and no. The lcp/ppp protocols are the same (with the addition of mppe
> for encryption). The transport layer is over ip rather than over a
> telephone line, however.
>
> The client create a tcp connection on port 1723 to the server. They have a
> little chat and open up an ip socket connection (protocol 47 - GRE) to
> contain the tunnel and run ppp over it.
>
> Other than that simple explanation, there are many, many FAQs and
> whitepapers you can read - most of them available at, or linked from
> http://poptop.lineo.com/
>
> Martin.
> _______________________________________________
> pptp-server maillist - pptp-server at lists.schulte.org
> http://lists.schulte.org/mailman/listinfo/pptp-server
> --- To unsubscribe, go to the url just above this line. --
Thanks for the info....I will look for the .debs in my mail or a URL for
them.
---Dean.
droman at romansys.com
_______________________________________________
pptp-server maillist - pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --
More information about the pptp-server
mailing list