[pptp-server] Sanity Check -- NAT + VPN

Kevin Parent kparent at csd.mine.nu
Fri Sep 7 17:05:01 CDT 2001


If you need a good and cheap router to replace your Win2000 ICS box, try
Freesco (Free Cisco replacement).  It's a free linux distro that's easy to
use and can run on a old 486 or better right off a floppy.  You only need to
supply an old 486 or better with at least 8 meg of ram and two NIC cards.
Features include firewall, DNS caching server, dhcp server, web server, dial
in PPP server and more.  You can pick and choose which servers you want to
run.  PPTP traffic can be routed thru the Freesco box.

My explaination doesn't do it justice.  Check it out yourself at
www.freesco.org

I've been using it for about 1.5 years - works great!

Regards,
Kevin Parent

-----Original Message-----
From: pptp-server-admin at lists.schulte.org
[mailto:pptp-server-admin at lists.schulte.org]On Behalf Of Christopher
Kalos
Sent: Friday, September 07, 2001 9:08 AM
To: Poptop Mailing List
Subject: RE: [pptp-server] Sanity Check -- NAT + VPN


	I've been ipforwarding (sorta) as it is.  Unfortunately, I'm the sysadmin
in New York, and they're the users in Germany.  So, the router is a Win2000
box.  That's why I was just looking to see if I can share the actual link
and then have concurrent VPN connections handled.
	To put it in more detail (which wasn't originally needed, but why not? :),
Win2000 NAT/ICS is just shy of useless.  I'm fairly convinced at this point
that Win98SE does a better job of sharing an internet connection.  Whether
I'm sharing the ISDN link out there, *or* the VPN link (think Windows, not
Linux!) web traffic doesn't work to anything but the gateway.  Ping and FTP
work, SSH works, even Telnet works, but I need a proxy for web traffic for
some unexplainable reason.  Add that into the fact that Win2000 can't route
for beans (even with regediting to add IP forwarding!), such that it's
providing NAT but only routing internal traffic through one of three
possible connections (remote LAN, ISDN, and VPN), and it's clear that this
solution requires a more powerful router.  Since that's still a couple of
days away for us, I'm just trying to make their network slightly more usable
until then.

CK

-----Original Message-----
From: pptp-server-admin at lists.schulte.org
[mailto:pptp-server-admin at lists.schulte.org]On Behalf Of George Vieira
Sent: Thursday, September 06, 2001 7:16 PM
To: 'Christopher Kalos'; Poptop Mailing List
Subject: RE: [pptp-server] Sanity Check -- NAT + VPN


If it's anything important, you can ipforward the NATed network to the VPN
LAN. If you require visible machines on the NAT clients then try routing the
network through... This is what I've been playing with at home. So why make
multiple connections when 1 is enough anyway?????

Any use?

-----Original Message-----
From: Christopher Kalos [mailto:ckalos at gothambroadband.com]
Sent: Friday, September 07, 2001 2:22 AM
To: Poptop Mailing List
Subject: [pptp-server] Sanity Check -- NAT + VPN


	I've got a group of systems attempting to access our PoPToP VPN from
a
remote location.  At this point, they're all sharing a single connection to
the outside world, so they're dealing with a NAT gateway.  I'm certain that
this can't be done, but I'd like to bounce it off of the list first.  Can
multiple clients connect from behind this NAT system to the VPN at the same
time?  If so, how would I go about setting that up?  I know that at the
moment, it fails miserably each time I try to get two users on, which I'll
chalk up to the GRE traffic.

Thanks in advance,
Christopher Kalos
Systems Administrator
Gotham Broadband
212.206.9620 x340

_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --
_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --

_______________________________________________
pptp-server maillist  -  pptp-server at lists.schulte.org
http://lists.schulte.org/mailman/listinfo/pptp-server
--- To unsubscribe, go to the url just above this line. --




More information about the pptp-server mailing list