New to BSD - how to NAT various protocols including PPTP

Post by Steve Jorgens » Wed, 06 Dec 2000 13:06:29



I've been using Linux for Firewalls so far, but some BSD features are
leading me to experiment.  For instance, my employer wants to start
using 2 ISPs since no one ISP has ever proven to be sufficiently
reliable - it's much easier to set up load balancing in BSD than in
Linux.

So I'm reading through books and man pages for BSD, and I'm confused at
the lack of references to different protocols as used with NAT.  Under
Linux, each protocol besides TCP requires a module and must be
specifically enabled.  Under BSD, I can't even find info on what
protocols are supported and if they must be specifically enabled or if
they're automatic.

With respect to NAT and PPTP, I know that the BSD-based GNATBox
firewall has full support for PPTP clients behind NAT, but all the
info I can find on how to set up NAT to handle PPTP clients describes
a method that only handles one user at a time (proprietary code?).
I'm also suspicious of the one-at-a-time approach because the last
router I set up that worked this way was really flakey, and it was
sometimes necessary to reboot the router to re-establish a PPTP
connection that was lost for any reason.

Any comments?

 
 
 

1. speedtouch 530 NAT versus linux pptp + nat

small setup - 5 PCs - users kinda demanding

I'm setting up a mail server (whitebox linux based).  There is no hardware
left for a dedicated firewall (such as smoothwall).

I was originally tempted to use the speedtouch DSL modem (pptp that returns
a fixed ip) for NAT, and port 25, 443, 993 to the linux machine for smtp,
https and imaps access....but I'm concerned as to how 'robust' the
speedtouch is.

The only current alternative is to use the mail server as a firewall itself.

Are there any experiences or recommendations?

B.
