PPTP through NAT device

G

Guest

Anyone know if WinXP PPTP VPN client will work through a NAT device (i.e.
Linksys router)? I have read a few conflicting statements online regarding
the feasibility of PPTP through a NAT device (some say yes, others say no).
The Linksys has PPTP passthrough enabled but still not able to connect with
it in place, not even on a DMZ port. Pull the NAT device and get a public IP
directly on Win XP and its good to go. I can see TCP 1723 traffic going out,
nothing coming back in on the Linksys. Am I beating a dead horse (i.e. it
will never work no matter what) or is this a Linksys issue solely? Thanks.
 
S

Sooner Al [MVP]

Keep in mind you need both TCP Port 1723 open and the router must pass GRE
Protocol 47 traffic. As you noted some routers call that "PPTP Pass
Through".

In my experience it is highly dependent on firmware version and if they in
fact pass GRE Protocol 47 traffic. For example with my old Linksys BEFSR41
(V1) some firmware versions worked while some did not. My current Buffalo
WBR-G54 does not pass GRE Protocol 47 traffic with any firmware version and
lastly I have a Network Everywhere NR041 that works very well passing GRE
Protocol 47 traffic.

There is a test detailed in the "PPTP Ping" and "VPN Traffic" sections on
this page to help determine if your firewall/router is passing GRE Protocol
47 traffic correctly or not...

http://www.microsoft.com/technet/community/columns/cableguy/cg0105.mspx

If you can't get PPTP VPN to work through your current router you might...

1. Depending on the specific router possibly use third-party firmware like
the DD-WRT release to flash to a custom version.
2. Use something like OpenVPN (my current work around) or Secure Shell
(SSH).
3. Purchase a new router that is know to pass PPTP VPN traffic correctly or
acts as a VPN end-point.

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
G

Guest

Thank you. I believe the latest Linksys firmware for my WRT54GSv5 (firmware
v1.5.08) does not pass GRE 47 properly if at all. I will probably move to an
IPsec VPN as there are a lot less compatibility issues it seems.

Thanks again.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Remote VPN (Vista -> 7 Ult. 64bit) 0
Re: Running PPTP behind NAT router 2
VPN - PPTP Ports 2
PPTP Passthru 3
XP Pro SP2 as a VPN Server 3
VPN PPTP 3
Linksys RV082 PPTP VPN problems 9
netgear routers allow max of 1 to 4 pptp passthroughs ! 1

Top