On Mon, Apr 05, 2010 at 04:48:38PM -0700, Tom Sharples wrote: > Have you run into the pfsense pptp limitation? That is, only one > customer (behind your pfsense NAT router) , can establish a pptp > session to the same external pptp server at a time. At least, that's > what the pfsense download site lists under known limitations.
Yes, on the office LAN. We had a short period of time during which two or three of us were doing unrelated work for the same client at the same time. We collided. We took turns. We don't have many PPTP VPN using customers and it's very rare that more than one of us will need to deal with that customer at the same time. I've not heard any complaints from my customers who are behind the other pfSense box. IIRC, the limitation is one NATed IP talking to a particular PPTP server on the outside via a particular outside IP at one time. Unless you have a lot of people tele-commuting for the same company, you are unlikely to see the problem. You can have an "unlimited" number of customers talking to an "unlimited" number of external PPTP servers at the same time so long as no two customers are talking to the same server at the same time. If you have multiple external IPs, you should be able to work around the problem for the rare customers who are affected by playing with the Advanced Outbound NAT rules. I've not actually had to do so, thus the word "should". I believe this situation is supposed to be all better in 2.0. I haven't had the time, or need, to check up on it. -- Scott Lambert KC5MLE Unix SysAdmin lamb...@lambertfam.org -------------------------------------------------------------------------------- WISPA Wants You! Join today! http://signup.wispa.org/ -------------------------------------------------------------------------------- WISPA Wireless List: wireless@wispa.org Subscribe/Unsubscribe: http://lists.wispa.org/mailman/listinfo/wireless Archives: http://lists.wispa.org/pipermail/wireless/
