128 bit PPTP Encryption and NAT

Hugo Caye Hugo at MICMAC.COM.BR
Fri Aug 11 19:42:47 EDT 2000


AFAIK, Eicon DIVA LAN also supports PPTP/GET NAT/PAT. Can anyboy
confirm that this info is 100% correct?
<http://www.eicon.com/divalan/>

Cisco's IOS must be at least 12.1(3)T. See bug id CSCdk60714.

Currently I have a customer with Win2K NAT with PPTP/GRE running
pretty well.


            Hugo Caye

O__  ----
c/ /'_ ---
(*) \(*) --
~~~~~~~~
ccna ccda
mcne³ ncip
mcse cne5

-----Original Message-----
From: Geir Aasen [mailto:Geir.Aasen at ASKPROXIMA.NO]

Win2K NAT supports GRE(PPTP) and 3COM ISDN lanmodem, Sonicwall.
Most NAT implementation don't.

Geir Aasen

> ----------
> From: 	Jon Carnes[SMTP:jonc at HAHT.COM]
>
> Linux (and BSD) fully support running PPTP from behind a NAT.  They
are
> beyond the patch stage.  you can run multiple incidents of PPTP from
> behind
> a Linux firewall.
>
> Jon Carnes

> ----- Original Message -----
> From: "Pete Davis" <pete at ETHER.NET>
>
> > You can use PPTP sessions from behind a NAT (PAT) device as long
as it
> supports
> > GRE PAT, which most devices do not. Many small devices do have
this
> support
> > and Linux does with a special patch from John Hardin. You will
only be
> able
> > to use 1 PPTP session at a time from behind this NAT device to a
> specific
> > central site Concentrator at a time.
> >
> > Regards,
> >
> > pete
> >
> > On Mon, Jul 31, 2000 at 05:59:27PM -0700, Michael Medwid wrote:
> > > Should there be any incompatibility between 128 bit PPTP
encryption
> > > and users behind a NATted environment?  My Altiga (Cisco 3030)
seems
> to
> kick
> > > off the tunnels if they were originated from a NATted
environment.
> Cisco
> > > TAC didn't have too much to say on the whole thing other than
"uh yeah
> that
> > > won't work."  Thanks for any insight.
> > >
> > > -Michael

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list