Topic: Simple 7.3 VPN (PPTP) Question...

[billym]

I am sure this has been asked before but I have had a hard time understanding whats being discussed. I have been using SME for years now but not until recently have a had to setup VPN for my clients (I had used it for remote admin access only). My clients employees need to VPN into the network from home, and remote desktop into there workstations (XP). The network topography is:

HOME-->CABLEMODEM(STATICIP)-->SME(SVR/GTWYMODE)-->LAN-->WORKSTATIONS

It seems that SME is not letting more than one person at a time VPN to the server. When that person drops, another can connect but not more than one.

Any ideas?

[e[nt]e]

It seems that SME is not letting more than one person at a time VPN to the server. When that person drops, another can connect but not more than one.

You should be able to modify this restriction in the server-manager at the security section. Set the appropriate value under PPTP Settings (Number of PPTP clients).

Regards,
Niklas

[Reinhold]

http://wiki.contribs.org/SME_Server:Documentation:Administration_Manual:Chapter11

Regards
Reinhold

[mmccarn]

PPTP only supports one connection per public IP pair - so if you have 2 users at "home", only one will be able to connect to SME at a time.

That is, you should be able to get two PPTP connections if you have two different remote users, but if both remote users are at the same location you will need to setup a VPN bridge of some sort to let them both access the SME at the same time.

[CharlieBrady]

PPTP only supports one connection per public IP pair ...

Not exactly. The PPTP protocol does support more than one connection per IP pair, but the linux implementation doesn't correctly handle multiple calls with the same endpoint IP addresses. So correctly stated, the SME server PPTP VPN feature only supports one connection per public IP pair ...

[NoTo]

Apologies if I'm butting-in on someone elses question, but this is on my to-do list next month. I'm now wondering how to achieve it.

Would a good way be to buy a hardware VPN device that will accept the required number of connections (5 in my case) and then pass the traffic to the local network as normal?

TIA,
Graham

[mercyh]

By setting the number of connections to 5 in the server-manager panel you can have 5 clients VPN'd in, however they must all have different IP subnets on their machines. (for example, server IP subnet=192.168.1.X, user1 ip=192.168.2.X, user2=192.168.3.x, etc.) No two users can have the same IP address. This means that if two users are behind the same router, they cannot both be vpn'd in.

If you wish to connect two entire subnets Site-to-Site VPN is much better then PPTP.

http://forums.contribs.org/index.php?topic=41740.15