VPN over GPRS not working?

I'm trying to establish a VPN tunnel from my laptop over GPRS to my office LAN. VPN works fine from broadband or dialup, but GPRS fails.

Client is Windows XP, Server is pptpd/pppd on a Snapgear appliance, mobile provider is O2 Germany. It seems the GPRS connection works via NAT and that this may be the cause of the problem. The log shows "LCP: timeout sending Config-Requests" which might also indicate that my side couldn't answer because of NAT.

Is there anything I can do about that concerning the server configuration? I do have good knowledge about Linux and partly about networking but exactly none about pptpd/pppd, I just use the web interface provided by the router. I can edit configuration files (pptpd.conf and options.pptp as I understand) directly if necessary.

Other possible causes might be MTU or the GPRS gateway not allowing highly encrypted authentication. I tried everything down to even no authentication, nothing worked over GPRS. MTU seems to be at normal 1500. So, I think both are not relevant here.

Kai

Reply to
Kai Schaetzl
Loading thread data ...

Nothing you can do but complain to the GPRS service provider.

Reply to
Mike Drechsler - SPAM PROTECTE

Mike Drechsler - SPAM PROTECTED EMAIL schrieb am Thu, 29 Sep 2005 19:29:00 GMT:

Figured that, thanks!

Kai

Reply to
Kai Schaetzl

I don't think so.

NAT on the client side normally is no problem.

The long latency of the link could be a problem however - and that is intrinsic to IP traffic over GSM (with/out GPRS)...

Reply to
Martin Bodenstedt

Are You sure, that Your VPN-Software can cope with NAT-traversal? Microsoft PPTP stuff uses GRE and this can not be natted.

Konstantin

Reply to
Konstantinos Agouros

Yes it can be "natted" if the device has an application layer gateway for the pptp protocol. A great many consumer level routers using NAT have supported an ALG for PPTP for many years. The hard part is supporting multiple simultaneous sessions through the NAT gateway but there have been implementations that seem to work with multiple PPTP sessions active at the same time so it's not impossible.

Reply to
Mike Drechsler - SPAM PROTECTE

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.