[KLUG Members] VPN

Adam Tauno Williams adam at morrison-ind.com
Thu Jun 23 08:48:18 EDT 2005


> This is my network diagram:
> PPTP Clients -------> NAT BOX ( Fedora Core 3 with iptables ) ---->
> Internet -------> VPN Server ( PPTP )
> All clients in the private LAN (PPTP clients) are Windows XP or 2000 machines.
> I set up one connection from one client to the PPTP server, then I
> tried to test the connection. It is working. So far so good. I set up
> another connection from my LAN to the
> same PPTP server. It tries to verify the user name and password and then
> the connection closes with an error message ( Remote computer is not
> responding ).
> I could not make any changes in the VPN Server. I hope anyone can help me.

PPTP uses GRE/IP (that is *NOT* TCP or UDP) for tunnel traffic. You can
only NAT one GRE connection at a time between two points, since GRE does
not have any concept like port numbers. I believe there is a special
option in iptables and/or a kernel module that will let you NAT multiple
GRE connections, but I haven't tried it (introduced in late 2.4.x as I
recall, so it should be in any 2.6.x).

My solution in these instances has been to move to a net-to-net VPN
configuration rather than have a many-client-to-net configuration.
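
As an added illustration (not part of the original message): the sketch below models the GRE/NAT limitation described in the reply, and goes one step further by keying the NAT table on the Call ID that PPTP's enhanced GRE header carries (RFC 2637). The `GreNat` class, the addresses and the Call IDs are constructed for the example, and it assumes the two clients use different Call IDs.

```python
import struct

GRE_IP_PROTO = 47          # IP protocol number for GRE (no ports to NAT on)
PPTP_GRE_TYPE = 0x880B     # protocol type in PPTP's enhanced GRE header

def gre_call_id(header: bytes) -> int:
    """Extract the Call ID from an enhanced GRE (version 1) header."""
    if len(header) < 8:
        raise ValueError("truncated GRE header")
    flags, version, ptype, _length, call_id = struct.unpack("!BBHHH", header[:8])
    if not flags & 0x20 or version & 0x07 != 1 or ptype != PPTP_GRE_TYPE:
        raise ValueError("not a PPTP enhanced GRE header")
    return call_id

class GreNat:
    """Toy NAT state for GRE replies arriving at the NAT box's public address."""
    def __init__(self, track_call_id: bool):
        self.track_call_id = track_call_id
        self.table = {}

    def _key(self, server, call_id):
        # Without the Call ID, only protocol and peer address are left to key on.
        return (GRE_IP_PROTO, server, call_id if self.track_call_id else None)

    def open_tunnel(self, client, server, call_id) -> bool:
        """Record a mapping; False means it collides with an existing tunnel."""
        key = self._key(server, call_id)
        if self.table.get(key, client) != client:
            return False
        self.table[key] = client
        return True

    def route_reply(self, server, header: bytes):
        """Return the LAN client that should receive this GRE packet."""
        return self.table.get(self._key(server, gre_call_id(header)))

def demo():
    server = "203.0.113.10"  # constructed addresses and Call IDs
    # Constructed headers: K and S flags, version 1, empty payload, sequence 1.
    hdr_a = struct.pack("!BBHHHI", 0x30, 0x01, PPTP_GRE_TYPE, 0, 0x0001, 1)
    hdr_b = struct.pack("!BBHHHI", 0x30, 0x01, PPTP_GRE_TYPE, 0, 0x0002, 1)
    results = {}
    for name, nat in (("plain", GreNat(False)), ("call_id", GreNat(True))):
        first = nat.open_tunnel("192.168.1.10", server, 0x0001)
        second = nat.open_tunnel("192.168.1.11", server, 0x0002)
        results[name] = (first, second, nat.route_reply(server, hdr_a),
                         nat.route_reply(server, hdr_b))
    return results

if __name__ == "__main__":
    print(demo())
```

In the `plain` case the second tunnel is refused and every reply maps to the first client, which matches the symptom in the quoted question; a real helper also has to cope with two clients picking the same Call ID.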


