Just need confirmation of my understanding of the limitations of VPN (pptp) and NAT'd networks.
Linux Gateway to broadband (ADSL) masquerading for a bunch of windoze boxen. My understanding is that it's possible for one of the windoze boxes to establish a pptp tunnel out through the masquerade to a pptpd server out on the net (and I've done this on a few occasions).
*But!* only one box can set up such a tunnel at any given time. This is because the pptpd server out on the internet needs to initiate a separate new tcp/ip session from the outside back in (for GRE?). The Linux iptables NAT is "smart enough" to be able to work out which PC this connection should be directed to because it matches it to the existing outbound tcp/ip session. However, if more than one outbound session exists there is no way to match it up. Is my understanding correct?
Education much appreciated, and links to sites to bone up on pptpd VPNs etc. much appreciated.
Cheers
P.
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
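
Added example, not part of the original post and not kernel or iptables code: a toy model of the gateway's lookup for inbound PPTP data packets. PPTP's data channel is GRE (IP protocol 47), which has no port numbers but carries a Call ID (RFC 2637). The model compares a gateway that keys only on the remote address with a hypothetical PPTP-aware one that rewrites Call IDs. The class, function names, addresses and call IDs are all constructed for illustration.

```python
# Toy model (added example): how a masquerading gateway picks the inside host
# for inbound PPTP data packets. Addresses and call IDs are constructed values.
SERVER = "198.51.100.9"            # remote PPTP server (constructed)
PC_A, PC_B = "192.168.0.10", "192.168.0.11"   # inside clients (constructed)


class Gateway:
    def __init__(self, pptp_aware):
        self.pptp_aware = pptp_aware
        self.table = {}            # lookup key -> inside host (and its call ID)
        self.next_id = 1           # next public call ID to hand out

    def open_tunnel(self, client, server, client_call_id):
        """Return the call ID the server will use towards us, or None on clash."""
        if self.pptp_aware:
            # Rewrite the call ID so every tunnel is unique on the public side.
            public_id = self.next_id
            self.next_id += 1
            self.table[(server, public_id)] = (client, client_call_id)
            return public_id
        # GRE has no ports: the only key available is the remote address.
        if self.table.get((server,), client) != client:
            return None            # a second host to the same server is ambiguous
        self.table[(server,)] = client
        return client_call_id

    def inbound_gre(self, server, call_id):
        """Return (inside host, call ID to deliver) for a GRE packet, or None."""
        if self.pptp_aware:
            return self.table.get((server, call_id))
        client = self.table.get((server,))
        return (client, call_id) if client else None


def demo(pptp_aware):
    gw = Gateway(pptp_aware)
    # Both PCs independently pick call ID 7 for a tunnel to the same server.
    ids = (gw.open_tunnel(PC_A, SERVER, 7), gw.open_tunnel(PC_B, SERVER, 7))
    return ids, gw


if __name__ == "__main__":
    for aware in (False, True):
        ids, gw = demo(aware)
        print("pptp_aware =", aware, "call IDs seen by server:", ids)
        print("  GRE from server, call ID", ids[0], "->", gw.inbound_gre(SERVER, ids[0]))
```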
