Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: Brave Dave on February 16, 2005, 12:32:25 PM
-
I am finding that I can't connect to another PPTP server - not necessarily SME - but also SME, when I am behind an SME server (with WinXP SP2).
I am in all cases behind a router and the double nat scenario is in play
I am aware of Multilink flag, the SP2 patch etc, these aren't the issue. It came to a head today with a client having to connect through the ATO (Australia Tax) using the Cisco VPN client. It had been working previously - maybe the other end had upgraded something not sure.
In order to succeed I have to comment out the MASQUERADE line of 40masqLAN and allow the DSL router to do the nat, and place a route on the DSL router back through the external gateway to my local network. The effect is the remote PPTP immediately is active and stable where it failed - generally with 619 error
I wondering if there is a case here for a switch to disable MASQUERADE
appreciate any comments
-
For the Record;
Double NAT - where the SME Servers Access to the Internet is behind another NAT devices (ie. the DSL router) seems to be a major player in VPN reliability
My Experience
Dynalink RTA 300 - will not work
Netgear DG834 ? - will not work
Alcatel Speedtouch - no problem
-
Hi David
I use a lot of DG834 routers and have few if any VPN issues (inc at 6 accountant clients) using Solution6/Viztopia & ATO Cisco VPN.
This being said the ATO originally sent out incorrect config info for the connection (going back say 6-9 months).
If you have trouble with the PPTP passthru then just port forward 1723 to the SME IP & have that take care of it.
HTH
-
Try this. Turn off the PPTP service on the server acting as your gateway.
You'll find that when the VPN is off you can then make outbound VPN connections. Many of them if you choose.
This is an oddity with SME 6.X