Lonnie Abelbeck wrote:
> Yes, this is normal for 1:N NAT and PPTP (GRE). With UDP and TCP, NAT
> keeps track of the local private addresses by using the UDP/TCP "port"
> field. PPTP's raw IP (GRE) does not have a port field to mess with, so
> only one connection at a time will work.
> One solution might be to provide the customer with more static IP's;
> using 1:1 NAT in m0n0wall to provide the PPTP'ers with their own public
> IP address. This should work around the 1:N NAT issue, provided the
> number of PPTP users are small and known.
Another option is an ipsec tunnel between locations. To secure it, have
the local users pptp into the local m0n0wall. That network alone would
have access to the ipsec link.