[pptp-server] Sanity Check -- NAT + VPN

Christopher Kalos ckalos at gothambroadband.com
Fri Sep 7 09:08:06 CDT 2001


	I've been ipforwarding (sorta) as it is.  Unfortunately, I'm the sysadmin
in New York, and they're the users in Germany.  So, the router is a Win2000
box.  That's why I was just looking to see if I can share the actual link
and then have concurrent VPN connections handled.
	To put it in more detail (which wasn't originally needed, but why not? :),
Win2000 NAT/ICS is just shy of useless.  I'm fairly convinced at this point
that Win98SE does a better job of sharing an internet connection.  Whether
I'm sharing the ISDN link out there, *or* the VPN link (think Windows, not
Linux!) web traffic doesn't work to anything but the gateway.  Ping and FTP
work, SSH works, even Telnet works, but I need a proxy for web traffic for
some unexplainable reason.  Add that into the fact that Win2000 can't route
for beans (even with regediting to add IP forwarding!), such that it's
providing NAT but only routing internal traffic through one of three
possible connections (remote LAN, ISDN, and VPN), and it's clear that this
solution requires a more powerful router.  Since that's still a couple of
days away for us, I'm just trying to make their network slightly more usable
until then.

CK

-----Original Message-----
From: pptp-server-admin at lists.schulte.org
[mailto:pptp-server-admin at lists.schulte.org]On Behalf Of George Vieira
Sent: Thursday, September 06, 2001 7:16 PM
To: 'Christopher Kalos'; Poptop Mailing List
Subject: RE: [pptp-server] Sanity Check -- NAT + VPN


If it's anything important, you can ipforward the NATed network to the VPN
LAN. If you require visible machines on the NAT clients then try routing the
network through... This is what I've been playing with at home. So why make
multiple connections when 1 is enough anyway?????

Any use?

-----Original Message-----
From: Christopher Kalos [mailto:ckalos at gothambroadband.com]
Sent: Friday, September 07, 2001 2:22 AM
To: Poptop Mailing List
Subject: [pptp-server] Sanity Check -- NAT + VPN


	I've got a group of systems attempting to access our PoPToP VPN from
a
remote location.  At this point, they're all sharing a single connection to
the outside world, so they're dealing with a NAT gateway.  I'm certain that
this can't be done, but I'd like to bounce it off of the list first.  Can
multiple clients connect from behind this NAT system to the VPN at the same
time?  If so, how would I go about setting that up?  I know that at the
moment, it fails miserably each time I try to get two users on, which I'll
chalk up to the GRE traffic.

Thanks in advance,
Christopher Kalos
Systems Administrator
Gotham Broadband
212.206.9620 x340

_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --




More information about the pptp-server mailing list