 From:  "Josh McAllister" <josh at bluehornet dot com>
 To:  "Christopher M. Iarocci" <iarocci at eastendsc dot com>, "Keith Redfield" <kredfield at airsurfwireless dot com>
 Cc:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] VPN Passthru
 Date:  Tue, 18 Jan 2005 09:22:54 -0800
In my experience, m0n0 has no problem with session tracking of PPTP so long as you are not trying to
connect multiple clients from the same src ip to the same dst ip. Look under the PPTP tab, you will
see an option to redirect incoming PPTP connections to the host of your choosing. I used this with
at least a half dozen clients (forwarded to a Win2k Server) for a while before opting to use m0n0's
built in PPTP server with Radius auth.

Again, you WILL have problems if you try to connect multiple clients from the same src ip (Though
you can work around this by setting up Server NAT so that m0n0 will listen on multiple IPs),
otherwise should be fine, and I don't see any reason why it wouldn't work with 10-20+ connections
even on a soekris/wrap.

Josh McAllister
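
The "same src ip to the same dst ip" failure described above, as an added example that is not part of the original post and is not m0n0wall's code. It is a simplified model of how a NAT box demultiplexes PPTP's GRE data packets; the `GreNat` class, the addresses and the Call IDs are constructed for illustration, and the header layout is the enhanced GRE header from RFC 2637.

```python
import struct

PPTP_GRE_TYPE = 0x880B  # protocol type in PPTP's enhanced GRE header (RFC 2637)

def pptp_gre_call_id(gre: bytes) -> int:
    """Return the Call ID carried in an enhanced GRE (version 1) header."""
    if len(gre) < 8:
        raise ValueError("truncated GRE header")
    flags_ver, proto, _payload_len, call_id = struct.unpack("!HHHH", gre[:8])
    # Version must be 1, the Key bit (0x2000) must be set, type must be 0x880B.
    if (flags_ver & 0x0007) != 1 or not (flags_ver & 0x2000) or proto != PPTP_GRE_TYPE:
        raise ValueError("not a PPTP enhanced GRE packet")
    return call_id

def make_gre(call_id: int, seq: int = 0) -> bytes:
    """Build a constructed, empty-payload PPTP GRE packet (K and S bits, version 1)."""
    return struct.pack("!HHHHI", 0x3001, PPTP_GRE_TYPE, 0, call_id, seq)

class GreNat:
    """Hypothetical inbound GRE state table. GRE has no ports, so the only
    per-tunnel discriminator beyond the two IP addresses is the Call ID."""

    def __init__(self, track_call_id: bool):
        self.track_call_id = track_call_id
        self.states = {}  # state key -> internal host

    def _key(self, remote_ip, public_ip, call_id):
        return (remote_ip, public_ip, call_id if self.track_call_id else None)

    def add_tunnel(self, internal_ip, public_ip, remote_ip, call_id):
        """Register a tunnel (Call ID assumed learned from the TCP/1723
        control channel). Returns False when another host owns the state."""
        key = self._key(remote_ip, public_ip, call_id)
        if self.states.get(key, internal_ip) != internal_ip:
            return False
        self.states[key] = internal_ip
        return True

    def route_inbound(self, remote_ip, public_ip, gre):
        """Pick the internal host for a GRE packet arriving from remote_ip."""
        return self.states.get(self._key(remote_ip, public_ip, pptp_gre_call_id(gre)))

def demo():
    server, public = "198.51.100.10", "203.0.113.5"  # constructed addresses
    results = {}
    for track in (False, True):
        nat = GreNat(track)
        ok_a = nat.add_tunnel("192.168.1.10", public, server, 0x1111)
        ok_b = nat.add_tunnel("192.168.1.11", public, server, 0x2222)
        results[track] = (ok_a, ok_b, nat.route_inbound(server, public, make_gre(0x2222)))
    return results
```

Without Call ID tracking the second tunnel collides with the first and its traffic is delivered to the wrong host; with it, both tunnels coexist. The model assumes the two clients chose different Call IDs, which a real translator cannot rely on.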

-----Original Message-----
From: Christopher M. Iarocci [mailto:iarocci at eastendsc dot com] 
Sent: Tuesday, January 18, 2005 5:19 AM
To: Keith Redfield
Cc: m0n0wall at lists dot m0n0 dot ch
Subject: Re: [m0n0wall] VPN Passthru

As stated a few threads ago, no, you cannot currently do this with 
m0n0wall due to the limitation of pf.

-Chris

Keith Redfield wrote:

>It's the NAT (PAT actually) piece that makes PPTP difficult so I'm not sure your answer below takes
>that into account. To support > 1 PPTP, I believe the box must keep track of PPTP session IDs
>and build a separate PAT translation for all of them. 
> 
>So does m0n0 have built in session support for multiple PPTP via P/NAT is maybe the more precise
>question. I'm anxious to know as well.
> 
>-Keith
>
>________________________________
>
>From: Alex Threlfall [mailto:Alex at Cyberprog dot Net]
>Sent: Mon 1/17/2005 1:56 PM

>Subject: RE: [m0n0wall] VPN Passthru
>
>
>
>In theory it should just be a single port mapping which is PPTP (1723) and
>m0n0wall should be able to support many more than your adsl/cable would be
>able to support ;) (Based on the fact that you're using a linksys router I
>guess you're using adsl or cable!)
>
>Kind Regards,
>
>  Alex Threlfall
>Cyberprog New Media
>tel - 0870 446 0789
>fax - 0870 446 1789
> www.cyberprog.net
>
>  
>
>>-----Original Message-----

>>Sent: 17 January 2005 9:46 PM
>>To: m0n0wall at lists dot m0n0 dot ch
>>Subject: [m0n0wall] VPN Passthru
>>
>>Hello,
>>
>>I'm looking at using monowall in our environment here in the
>>office, but before too much time is invested I need to know something.
>>
>>Here's our situation: SBS 2003 behind a router (linksys)
>>which I want to replace with monowall.  Our remote users want
>>to be able to VPN to the SBS vpn server.  Well this is where
>>my question comes in, how many concurrent connections can pass
>>through monowall to my SBS vpn?  With the router we have now,
>>we are limited to one, so I want to replace it to allow
>>multiple pass-throughs.
>>
>>Can it be done?
>>
>>Thanks
>>Andre
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch