Multiple Windows PPTP Clients/Easy VPN Solution???

Tarantismic Yak · 11-15-2001, 02:37 AM

Hey All,

I'm running a PoPToP server for VPN connections and desperately need a way to allow multiple WinBlows PPTP clients to access it from behind a single firewall IP. Is there a way to change the Call ID on the client side to allow this???

Alternatively, is there a 'quick, light and easy' VPN solution with a Windows 9x/NT/etc client and linux server that allows multiple connections as described above??? Or another way to achieve same...?

Any help forever appreciated. Thanks

raz · 11-16-2001, 09:29 AM

Tarantismic Yak,

What's the problem?
It's designed to work with 98, NT40 client and server and 2000.
Please explain what you mean by "behind a single firewall IP".

Do you mean infront of a firewall?

i.e you have your VPN PPTP linux server running on a internal network and your external modem Windozes systems all have modem connections, but when you try to connect your to your VPN PPTP server a firewall is in front of it ?

Where does the Call ID come into this, does the firewall use RSA's call ID token ?

It's the only Linux PPP VPN server I know that can do what you want.

/Raz

Tarantismic Yak · 11-18-2001, 04:02 AM

Raz,

First - thanks for the reply, it's nice of you to lend an ear

What I mean by 'single firewall IP' is that there are multiple clients on a number of private LANs, each behind their own firewall with a single public IP, who need to access the VPN server which has a public IP on a seperate subnet. The firewalls on the client networks are in this case simple NAT capable routers.
The problem is that I can only get one client per LAN/router/public IP to connect, due to the combined limitations of PPTP and NAT, after that almost all the reply packets from the server get sent to the first client machine.
On the last note, it's the only solution I've found so far too, if only the clients could run Linux too, it would be so simple!

Thanks again,

The Yak

raz · 11-21-2001, 09:32 AM

ah I see, you like complicated configurations.
It's doesn't help that your using NAT but I'll have a look around and see if I can find some answers.

/Raz

Tarantismic Yak · 11-21-2001, 10:51 PM

Hey Raz,

Again, thanks for looking into this. The setup is not complicated by choice, I'm of the philosophy that simpler is better and always less likely to have problems but unfortunately simpler doesn't always mean cheaper. We have around 50 offices that need to have each machine on their LAN connected to the PPTP server. It is not economically viable to place a PPTP capable router or server at each location - hence multiple Windows clients behind each LANs firewall with the required NAT. Ideally the PPTP solution would be replaced by a more suitable VPN protocol, but an alternative has been hard to find.

Thanks again,

The Yak

estranged0877 · 04-17-2003, 01:24 PM

I am in the same boat. I have a VPN server off site. I have clients onsite behind a linux firewall with Nat. Only one client can connect to VPN server.

I don't want to resort to WINBLOWS to fix this issue and open my site to being hacked.

Any and all help would be appreciated.