Re: [WISPA] multiple PPPTP vpn clients behind NAT, tips?
In forums.mikrotik.com I found this... http://forum.mikrotik.com/viewtopic.php?f=1t=21095p=107469hilit=nat+p ptp+helper#p107469 It looks like there is an issue since 3.0 that they have removed IP Helpers. I will keep looking. Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rabbtux rabbtux Sent: Friday, August 01, 2008 10:51 PM To: WISPA General List Subject: Re: [WISPA] multiple PPPTP vpn clients behind NAT, tips? Yes I have that enabled already. In fact, on other MT systems that carry the backhaul (no firewall or nat) I also enabled this just to be safe. Version 2.9.x has a helper for GRE and PPtP, version 3.x only has PPtP, in these firewall 'helpers'. My border system is version 3.10. I need to make progress on this issue, since a couple customers have gone into town to other hotspots and have no trouble, so my network is to blame. On Fri, Aug 1, 2008 at 7:23 PM, Eric Rogers [EMAIL PROTECTED]wrote: In your Mikrotik Service Ports tab (under IP Firewall), be sure that PPtP is enabled. That is your PPtP Helper to allow it to pass via the MT NAT. Don't have a clue as to why you would need it unless it allows other ports through (GRE or something). Eric Rogers Precision Data Solutions, LLC (317) 831-3000 x200 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rabbtux rabbtux Sent: Friday, August 01, 2008 8:53 PM To: WISPA General List Subject: [WISPA] multiple PPPTP vpn clients behind NAT, tips? All, I have a fully routed network behind a MT border gateway that does nat for most residential customers. Recently, I am hearing more rumblings about customers with pptp VPNs having problems. From what I undersand, isn't PPPTP supposed to be NAT friendly?? Is there something inherent about it that would prevent multiple client connections from behind the same nat? In our case, the customer has a home router (nat) and the border router connected to fiber also does nat. All tips and network wisdom is appreciated! Thanks, Marshall WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] multiple PPPTP vpn clients behind NAT, tips?
Actually, They didn't remove the IP helpers, they are built in. Try something for me. If you go to the IPFirewallService Ports page, disable (not delete) the PPtP port and see if that makes a difference. I had to disable the SIP one to allow SIP via the NAT interface. Let me know if it works. Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Rogers Sent: Saturday, August 02, 2008 8:56 AM To: WISPA General List Subject: Re: [WISPA] multiple PPPTP vpn clients behind NAT, tips? In forums.mikrotik.com I found this... http://forum.mikrotik.com/viewtopic.php?f=1t=21095p=107469hilit=nat+p ptp+helper#p107469 It looks like there is an issue since 3.0 that they have removed IP Helpers. I will keep looking. Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rabbtux rabbtux Sent: Friday, August 01, 2008 10:51 PM To: WISPA General List Subject: Re: [WISPA] multiple PPPTP vpn clients behind NAT, tips? Yes I have that enabled already. In fact, on other MT systems that carry the backhaul (no firewall or nat) I also enabled this just to be safe. Version 2.9.x has a helper for GRE and PPtP, version 3.x only has PPtP, in these firewall 'helpers'. My border system is version 3.10. I need to make progress on this issue, since a couple customers have gone into town to other hotspots and have no trouble, so my network is to blame. On Fri, Aug 1, 2008 at 7:23 PM, Eric Rogers [EMAIL PROTECTED]wrote: In your Mikrotik Service Ports tab (under IP Firewall), be sure that PPtP is enabled. That is your PPtP Helper to allow it to pass via the MT NAT. Don't have a clue as to why you would need it unless it allows other ports through (GRE or something). Eric Rogers Precision Data Solutions, LLC (317) 831-3000 x200 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rabbtux rabbtux Sent: Friday, August 01, 2008 8:53 PM To: WISPA General List Subject: [WISPA] multiple PPPTP vpn clients behind NAT, tips? All, I have a fully routed network behind a MT border gateway that does nat for most residential customers. Recently, I am hearing more rumblings about customers with pptp VPNs having problems. From what I undersand, isn't PPPTP supposed to be NAT friendly?? Is there something inherent about it that would prevent multiple client connections from behind the same nat? In our case, the customer has a home router (nat) and the border router connected to fiber also does nat. All tips and network wisdom is appreciated! Thanks, Marshall WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
[WISPA] multiple PPPTP vpn clients behind NAT, tips?
All, I have a fully routed network behind a MT border gateway that does nat for most residential customers. Recently, I am hearing more rumblings about customers with pptp VPNs having problems. From what I undersand, isn't PPPTP supposed to be NAT friendly?? Is there something inherent about it that would prevent multiple client connections from behind the same nat? In our case, the customer has a home router (nat) and the border router connected to fiber also does nat. All tips and network wisdom is appreciated! Thanks, Marshall WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] multiple PPPTP vpn clients behind NAT, tips?
In your Mikrotik Service Ports tab (under IP Firewall), be sure that PPtP is enabled. That is your PPtP Helper to allow it to pass via the MT NAT. Don't have a clue as to why you would need it unless it allows other ports through (GRE or something). Eric Rogers Precision Data Solutions, LLC (317) 831-3000 x200 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rabbtux rabbtux Sent: Friday, August 01, 2008 8:53 PM To: WISPA General List Subject: [WISPA] multiple PPPTP vpn clients behind NAT, tips? All, I have a fully routed network behind a MT border gateway that does nat for most residential customers. Recently, I am hearing more rumblings about customers with pptp VPNs having problems. From what I undersand, isn't PPPTP supposed to be NAT friendly?? Is there something inherent about it that would prevent multiple client connections from behind the same nat? In our case, the customer has a home router (nat) and the border router connected to fiber also does nat. All tips and network wisdom is appreciated! Thanks, Marshall WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
Re: [WISPA] multiple PPPTP vpn clients behind NAT, tips?
Yes I have that enabled already. In fact, on other MT systems that carry the backhaul (no firewall or nat) I also enabled this just to be safe. Version 2.9.x has a helper for GRE and PPtP, version 3.x only has PPtP, in these firewall 'helpers'. My border system is version 3.10. I need to make progress on this issue, since a couple customers have gone into town to other hotspots and have no trouble, so my network is to blame. On Fri, Aug 1, 2008 at 7:23 PM, Eric Rogers [EMAIL PROTECTED]wrote: In your Mikrotik Service Ports tab (under IP Firewall), be sure that PPtP is enabled. That is your PPtP Helper to allow it to pass via the MT NAT. Don't have a clue as to why you would need it unless it allows other ports through (GRE or something). Eric Rogers Precision Data Solutions, LLC (317) 831-3000 x200 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of rabbtux rabbtux Sent: Friday, August 01, 2008 8:53 PM To: WISPA General List Subject: [WISPA] multiple PPPTP vpn clients behind NAT, tips? All, I have a fully routed network behind a MT border gateway that does nat for most residential customers. Recently, I am hearing more rumblings about customers with pptp VPNs having problems. From what I undersand, isn't PPPTP supposed to be NAT friendly?? Is there something inherent about it that would prevent multiple client connections from behind the same nat? In our case, the customer has a home router (nat) and the border router connected to fiber also does nat. All tips and network wisdom is appreciated! Thanks, Marshall WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/ WISPA Wants You! Join today! http://signup.wispa.org/ WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
