From owner-freebsd-security Thu Oct 21 21:35:49 1999 Delivered-To: freebsd-security@freebsd.org Received: from mail0.mco.bellsouth.net (mail0.mco.bellsouth.net [205.152.48.12]) by hub.freebsd.org (Postfix) with ESMTP id 9545614C34 for ; Thu, 21 Oct 1999 21:35:44 -0700 (PDT) (envelope-from bertke@bellsouth.net) Received: from bellsouth.net (adsl-78-196-151.sdf.bellsouth.net [216.78.196.151]) by mail0.mco.bellsouth.net (3.3.4alt/0.75.2) with ESMTP id AAA00474; Fri, 22 Oct 1999 00:35:46 -0400 (EDT) Message-ID: <380FE9E9.21DD8B35@bellsouth.net> Date: Fri, 22 Oct 1999 04:36:57 +0000 From: Bert Kellerman X-Mailer: Mozilla 4.61 [en] (X11; I; Linux 2.0.36 i386) X-Accept-Language: en MIME-Version: 1.0 To: "Dan Seafeldt, AZ.COM System Administrator" Cc: security@FreeBSD.ORG Subject: Re: GRE/IP 47/PPTP References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org You need to pass `-pptpalias ` on the command line. The ipaddress that you specify will be the only client/server on the inside that will get the type 47 packets. Check out the natd man page, it's all in there. AFAIK, cisco has supported GRE tunneling since IOS 9.x. Bert "Dan Seafeldt, AZ.COM System Administrator" wrote: > Will FreeBSD's /sbin/natd pass GRE IP packet type 47 as part of NT4.0 PPTP > trust scenario? Seems run-o-the-mill SOHO routers in NAT mode fail in this > capacity as they see TCP/UDP only? Although Cisco's latest IOS appears to > handle it. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message