Date: Thu, 17 Jul 2008 23:36:59 -0400 From: "Chris Buechler" <cbuechler@gmail.com> To: "Ansar Mohammed" <ansarm@gmail.com> Cc: freebsd-pf@freebsd.org Subject: Re: GRE Limitation Message-ID: <d64aa1760807172036u7f41fc7ctcc8563dd75372211@mail.gmail.com> In-Reply-To: <047001c8e87d$8078b710$816a2530$@com> References: <047001c8e87d$8078b710$816a2530$@com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jul 17, 2008 at 10:25 PM, Ansar Mohammed <ansarm@gmail.com> wrote: > Hello All, > I just read the following on the pfsense website: > > "PPTP and GRE Limitation - The state tracking code in pf for the GRE > protocol can only track a single session per public IP per external server. > This means if you use PPTP VPN connections, only one internal machine can > connect simultaneously to a PPTP server on the Internet. A thousand machines > can connect simultaneously to a thousand different PPTP servers, but only > one simultaneously to a single server. The only available work around is to > use multiple public IPs on your firewall, one per client, or to use multiple > public IPs on the external PPTP server. This is not a problem with other > types of VPN connections." > > Is this also true for stock FreeBSD with PF or just a pfsense issue? > That's true with every OS that runs pf, and anything based on any of those (including pfSense). Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?d64aa1760807172036u7f41fc7ctcc8563dd75372211>