Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Cannot establish PPTP VPN connection thru PAT on Cis co router

From: Ryan Russell <ryan () securityfocus com>
Date: Mon, 18 Sep 2000 10:43:58 -0700 (PDT)
On Mon, 18 Sep 2000, Ben Nagy wrote:


Congratulations. ;) Look at it this way - GRE doesn't have any port
information, so if you're trying to overload on an external IP address
there's no way for the router to know which internal host to give the return
GRE traffic to.


First come, first served.  There's enough info to support one GRE tunnel
per outside host via NAT, based solely on the pair of IP addresses.  
Obviously easy to have a collision though, and I imagine it's unlikely
that two machines behind one SoHo NAT box will have more than one outside
GRE termination point to talk to.

                                        Ryan


_______________________________________________
Firewall-wizards mailing list
Firewall-wizards () nfr net
http://www.nfr.net/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: