Koozali.org: home of the SME Server

Simultaneous PPtP clients from same IP Fails..

Luis

Simultaneous PPtP clients from same IP Fails..
« on: March 05, 2003, 06:49:18 AM »
I am try obtain 2 simultaneous PPtP connection to the same remote PPtP Server (e-smith).

My 2 clients have using other e-smith (local) like default gateway to internet.

I lost connection (checked by ping command) to remote server later i make 2 pptp connection from w2k clients.

i cant make pptp connection and obtain differents ip for each, but i lost routing of packet to remote server.

Any body cant help me?..

This is a limitation of pptp protocols ?

Thanks in advance an sorry by my english.

Luis

Bill Talcott

Re: Simultaneous PPtP clients from same IP Fails..
« Reply #1 on: March 05, 2003, 05:04:16 PM »
Yes, you can only have one connection between 2 public IPs (one at the SME, one at the other network). To make more connections, you need to give the SME multiple IPs and have each client connect to a different one, or give the clients different IPs.

Luis

Re: Simultaneous PPtP clients from same IP Fails..
« Reply #2 on: March 05, 2003, 05:11:43 PM »
Hi Bill and thanks... i re-post the question in Expert forum next to read

VPN-Masquerade-HOWTO
 in the point 2.7

----------------
2.7 Can several clients on my local network use PPTP simultaneously?
Yes.

You must enable PPTP Call ID masquerade when configuring your kernel in order to distinguish between multiple data streams from the same server. PPTP masq with Call ID masq enabled will support many concurrent masqueraded sessions with no restrictions on which server a client can call.

----------------
The new question is...

Is enabled PPtp Call ID maquerade in the sme KERNEL?.. i post this question in the other forum.

THANKS!!!!

mike

Re: Simultaneous PPtP clients from same IP Fails..
« Reply #3 on: March 05, 2003, 10:15:21 PM »
Hello,

     To make life a little easier by a snapgear lite+ and have it do the pptp for you instead of having each client connect on their own, with the snap gear you can use pptp or ipsec to connect the network, i connects to the sme sever with no problems.

mike

Ed

Re: Simultaneous PPtP clients from same IP Fails..
« Reply #4 on: March 06, 2003, 10:25:16 PM »
Hi,

In 5.6, I believe it is enabled in the Kernel but it's broken right now.
In 5.5, and prior - It does not work.

Multiple connects from behind a single NAT router to single Server is not supported by the protocol.  

Win NT - SP4 and later, cheats to make this happen.  


Ed

Kelvin

Re: Simultaneous PPtP clients from same IP Fails..
« Reply #5 on: March 07, 2003, 01:19:16 PM »
>Multiple connects from behind a single NAT router to single Server is not
>supported by the protocol.

There is a workaround.

Look at my post at the Experience Users Forum.

Kelvin

Ef

Re: Simultaneous PPtP clients from same IP Fails..
« Reply #6 on: March 10, 2003, 12:00:49 AM »
Thanks for that workaround to have the whole LAN connect to the other LAN.  I have specific needs to have multiple clients,  not everyone on one LAN, to connect to the other.

I think there was a how to posted in the dev forum about forming a PPTP  tunnel between two LAN's

http://www.mail-archive.com/devinfo%40lists.e-smith.org/msg10839.html

Ed

Alejandro Lengua

Re: Simultaneous PPtP clients from same IP Fails..
« Reply #7 on: October 21, 2003, 04:21:00 AM »
So this means, that it is no possibility to have 2 computers connect (each one)behind NAT to one SME PPTP VPN server?

Kelvin

Re: Simultaneous PPtP clients from same IP Fails..
« Reply #8 on: October 21, 2003, 04:41:25 AM »
Hi Alejandro,

Let's call the 2 pcs PC1 and PC2.

If PC1 and PC2 are from different internet connections (even behind NAT), no problem.

If PC1 and PC2 are on the same network behind the same NAT router, then by default, they cannot both connect to the same PPTP server at the same time *unless* the NAT router they are using (be it a hardware NAT router or another SME server) has a PPTP client that can connect to the SME PPTP server at the other end. If it does, then both PC1 and PC2 can access the remote SME server at the same time.

IPSec is the way to go for LAN to LAN connections, if possible.

Kelvin