On 2020-02-26, Edgar Pettijohn <ed...@pettijohn-web.com> wrote: > This appears to be actively maintained. > > https://sourceforge.net/projects/pptpclient/
Gábor is looking a proxy / "nat helper" not a client. > On 02/25/20 12:15, Szél Gábor wrote: >> Dear @misc >> >> Our customer need more parallel outgoing PPTP session. >> I know PPTP is no security VPN, but our client not have any options. >> (our customer remote partner accept only PPTP VPN ...) >> >> OpenBSD PF can't use parallel PPTP session. First session is NAT-ed, >> but second session is broken. >> I know OpenBSD not supported PPTP NAT passthrough. >> >> I found two, very old PPTP proxy for openbsd: >> >> * https://github.com/crvv/pptp-proxy >> This is ftp-proxy fork(?) >> * https://sourceforge.net/projects/frickin/ >> >> frickin 1.x working only fix remote PPTP address, not good for me. >> frickin 2.x (beta) not compiled on oBSD 6.6. >> >> pptp-proxy is compiled, and started, but not working. >> We tested very simple pf.conf (NAT, and some rules) >> >> pass in quick log on $int_if proto gre from any to ! $int_if:0 rdr-to >> 127.0.0.1 >> pass in quick log on $int_if proto tcp from any to ! $int_if:0 port >> 1723 rdr-to 127.0.0.1 port 2317 >> >> pptp-proxy is accepted session, but not working. >> (in tcpdump only 2 outgoing, 1 inbound packet found) >> >> Does anyone know a working solution for PPTP NAT passthrough? I haven't heard of other implementations for PF. There was one named pptp-proxy discussed on tech@ about 10 years ago which needed kernel patches as well, this might be some modified version of that but it may have been converted to userland-only as well, I haven't looked closely. It doesn't appear to rewrite call-id so it wouldn't work for connections from multiple natted clients going to the same server. >> In openbsd based securityrouter.org firewall a found PPTP-Proxy support: >> https://securityrouter.org/wiki/Comparison >> But I don't know what to use. Likely some variant of this same pptp-proxy .. A lot of securityrouter.org things are closed source afaik. If you want to run this on OpenBSD then probably you will need to either write code or fix code.
