Contributed by grey on from the neat things to try out dept.
Recently my employer was acquired by a large corporation which has a lot of information and reporting systems on their intranet. This intranet can only be accessed by PPTP and each employee gets their own account. This causes major problems with a NAT'ed firewall, as PPTP uses GRE packets for the "secure" tunnel. The GRE protocol has no ports and will fail miserably with multiple connections from one IP. The solution is to install a proxy.
A quick search on Google gave me nothing that would work on *BSD, so I had to write my own. The proxy can be installed completely transparently on the firewall; it can also be chained from one proxy to another over multiple servers.
The proxy is still being improved little by little as bugs are found and I would appreciate any input from other users out there.
Project home for the proxy is: http://freshmeat.net/projects/frickin/
While I thankfully haven't had to deal with PPTP anytime recently, I'm sure some pf firewall admins may find this useful.