Chris Smith wrote: > On Tuesday 04 October 2005 03:38 pm, Peter Hessler wrote: > > True, this is a limitation of the PPTP spec. Go slap the IT Staff, > > and tell them to revert back to IPSec. > > While I agree on what should be done to their IT staff, and that IPSec > (from what little I know) is superior, it may be an issue beyond my > control. > > The unfortunate thing is that they claim (probably correctly) that it > works fine for them from all of the other field office locations. > > Being that PPTP use is somewhat ubiquitous, I'm wondering if it's an > OpenBSD/pf limitation or design decision, or do others have to jump > through hoops to work with this as well. > > Oddly enough much information I find talks about the difficulties of > IPSec and NAT, which works fine with pf.
OpenBSD ignores the Call ID field in the GRE packets that PPTP uses... check the archives... http://marc.theaimsgroup.com/?l=openbsd-misc&m=110660283102711&w=2.
