[pptp-server] Linux PoPToP 2.4 with LAN Internet connection.
Charlie Brady
charlieb at e-smith.com
Wed Mar 6 22:58:47 CST 2002
On Thu, 7 Mar 2002, John Stephens wrote:
> Havn't got it working yet but found out why it isn't.
> GRE dosn't like NAT
> http://nsupport.elronsoftware.com/support/fwweb.nsf/c9629841688f08070525656b
> 0044511b/172d0da90a220ced85256840007cc235?OpenDocument
This just means that elronsoftware don't know how to do NAT properly.
As I understand it, GRE (http://www.faqs.org/rfcs/rfc2784.html) does not
encrypt packets, but does include an optional ones complement checksum
over the grep header and payload packet. Any NAT scheme should be able to
fiddle the checksum after translating addresses.
[IPSEC, OTOH, if authentication headers (AH) are used, does encrypt
packets, including the original IP heads. These cannot be successfully
NATed.]
--
Charlie Brady charlieb at e-smith.com
Lead Product Developer
Network Server Solutions Group http://www.e-smith.com/
Mitel Networks Corporation http://www.mitel.com/
Phone: +1 (613) 368 4376 or 564 8000 Fax: +1 (613) 564 7739
More information about the pptp-server
mailing list