lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Aug 2007 11:12:27 -0700 From: "Joseph Karpenko \(jkarpenk\)" <jkarpenk@...co.com> To: "Michael Gale" <michael.gale@...on.com>, <full-disclosure@...ts.grok.org.uk> Subject: Re: Cisco support multiple pptp (GRE) Channels ? > -----Original Message----- > From: full-disclosure-bounces@...ts.grok.org.uk > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf > Of Michael Gale > Sent: Wednesday, August 15, 2007 12:42 PM > To: full-disclosure@...ts.grok.org.uk > Subject: [Full-disclosure] Cisco support multiple pptp (GRE) > Channels ? > > Hey, > > Does anyone know if a Cisco firewall can support > multiple PPTP (GRE) > channels from internal clients to a single external server ? yes, you'd need to have 1-1 NAT translations for the clients behind the firewall. > > --snip-- > Right now the PPTP server is on the public network and it is working > correctly for connections from all clients. We have a private network > from behind a firewall, let's call it firewall A. A single > client from > behind firewall A can connect with out a problem, however if a second > client tries to connect from behind firewall A it looks like > firewall A > does not forward the PPP LCP packets. > > Am I correct that mutliple GRE (proto 47) tunnels would be a problem > when the clients have the same IP address? you got it, there is nothing to identify and differentiate the flows - hence the reason the PPTP clients need 1-1 NATs. -- karpenko > --snip-- > > > -- > Michael Gale > > Red Hat Certified Engineer > Network Administrator > Pason Systems Corp. > > "What we need are more people who specialize in the impossible." - > Theodore Roethke > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists