128 bit PPTP Encryption and NAT

Geir Aasen Geir.Aasen at ASKPROXIMA.NO
Thu Aug 3 01:12:36 EDT 2000


Win2K NAT supports GRE(PPTP) and 3COM ISDN lanmodem, Sonicwall.
Most NAT implementation don't.

Geir Aasen

> ----------
> From: 	Jon Carnes[SMTP:jonc at HAHT.COM]
> Reply To: 	Jon Carnes
> Sent: 	2. august 2000 13:34
> To: 	VPN at SECURITYFOCUS.COM
> Subject: 	Re: 128 bit PPTP Encryption and NAT
>
> Linux (and BSD) fully support running PPTP from behind a NAT.  They are
> beyond the patch stage.  you can run multiple incidents of PPTP from
> behind
> a Linux firewall.
>
> Jon Carnes
> MIS - HAHT Software
> ----- Original Message -----
> From: "Pete Davis" <pete at ETHER.NET>
> To: <VPN at SECURITYFOCUS.COM>
> Sent: Tuesday, August 01, 2000 4:46 PM
> Subject: Re: 128 bit PPTP Encryption and NAT
>
>
> > You can use PPTP sessions from behind a NAT (PAT) device as long as it
> supports
> > GRE PAT, which most devices do not. Many small devices do have this
> support
> > and Linux does with a special patch from John Hardin. You will only be
> able
> > to use 1 PPTP session at a time from behind this NAT device to a
> specific
> > central site Concentrator at a time.
> >
> > Regards,
> >
> > pete
> >
> > On Mon, Jul 31, 2000 at 05:59:27PM -0700, Michael Medwid wrote:
> > > Should there be any incompatibility between 128 bit PPTP encryption
> > > and users behind a NATted environment?  My Altiga (Cisco 3030) seems
> to
> kick
> > > off the tunnels if they were originated from a NATted environment.
> Cisco
> > > TAC didn't have too much to say on the whole thing other than "uh yeah
> that
> > > won't work."  Thanks for any insight.
> > >
> > > -Michael
> > >
> > > VPN is sponsored by SecurityFocus.COM
> >
> > ---
> >      Pete Davis - Product Manager <psd at cisco.com>  (508) 541-7300 x6154
> >    Cisco Systems, Inc.  - 124 Grove Street Suite 205   Franklin, MA
> 02038
> >
> > VPN is sponsored by SecurityFocus.COM
>
> VPN is sponsored by SecurityFocus.COM
>

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list