From owner-freebsd-pf@FreeBSD.ORG  Wed Oct 31 13:56:03 2007
Return-Path: <owner-freebsd-pf@FreeBSD.ORG>
Delivered-To: freebsd-pf@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id EB19F16A41A
	for <freebsd-pf@freebsd.org>; Wed, 31 Oct 2007 13:56:03 +0000 (UTC)
	(envelope-from rob@techniumcast.com)
Received: from smtp.techniumcast.net (smtp.techniumcast.net [194.74.204.204])
	by mx1.freebsd.org (Postfix) with ESMTP id AA5F913C49D
	for <freebsd-pf@freebsd.org>; Wed, 31 Oct 2007 13:56:03 +0000 (UTC)
	(envelope-from rob@techniumcast.com)
Received: from [10.1.32.176] (cast-users-176.techniumcast.net [10.1.32.176])
	by smtp.techniumcast.net (Postfix) with ESMTP id 6D20C120AE6
	for <freebsd-pf@freebsd.org>; Wed, 31 Oct 2007 12:15:41 +0000 (GMT)
Message-ID: <472871EC.9040509@techniumcast.com>
Date: Wed, 31 Oct 2007 12:15:40 +0000
From: Rob Shepherd <rob@techniumcast.com>
User-Agent: Thunderbird 1.5.0.13 (Windows/20070809)
MIME-Version: 1.0
To: freebsd-pf@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-TechniumCAST-MailScanner-Information: Please contact the ISP for more
	information
X-TechniumCAST-MailScanner: Not scanned: please contact your Internet E-Mail
	Service Provider for details
X-TechniumCAST-MailScanner-From: rob@techniumcast.com
X-Spam-Status: No
Subject: PPTP "fixup" for FreeBSD NAT Router
X-BeenThere: freebsd-pf@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Technical discussion and general questions about packet filter
	\(pf\)" <freebsd-pf.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf>
List-Post: <mailto:freebsd-pf@freebsd.org>
List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>,
	<mailto:freebsd-pf-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Oct 2007 13:56:04 -0000

Dear FreeBSD PF users,

We have Cisco FWSM software v2.3 which doesn't pass PPTP traffic due to it not 
being able to extract the GRE session information. Grrr.... Enterprise grade my 
*rse!

Nevertheless, I am intrigued to see if I can provide an alternate route for a 
customers PPTP connection through a FreeBSD router.

I'll VLAN interface on to their LAN, NAT as usual to a public IP, but I would 
like to inquire (before I commence my setup) if...

1. FreeBSD NAT (PF) will pass PPTP
2. if (1), will it support multiple PPTP sessions (multiple clients to common 
remote VPN server)

Many thanks for any suggestions etc. much appreciated.

Rob
-- 
Rob Shepherd BEng PhD | Computer and Network Engineer | CAST Ltd
Technium CAST | LL57 4HJ | http://www.techniumcast.com