[c-nsp] Cisco pptp server

Arie Vayner ariev at vayner.net
Fri Feb 26 23:58:15 EST 2016


What most likely happens is that ISP1 is using uRPF on their side, so when
you source traffic to the Internet with the source IP of ISP2's assignment
through ISP1's interface, they drop your upstream traffic.
(I am not 100% sure which direction you meant as receive and transmit...
From the point of view of the router or the vpn user, but what I described
would cause traffic from the user to reach the router, but return traffic
would fail...)

Arie

On Fri, Feb 26, 2016 at 8:32 AM Matthew Huff <mhuff at ox.com> wrote:

> First,
>
> Why are you using PPTP and not either SSL VPN or IPSEC VPN? PPTP uses
> ancient crypto and has been severely deprecated. Policy routing also has a
> lot of issues, including punting from CEF into CPU routing. Avoid it if you
> can. If you have higher metrics, why do you need it?
>
>
>
> ----
> Matthew Huff             | 1 Manhattanville Rd
> Director of Operations   | Purchase, NY 10577
> OTA Management LLC       | Phone: 914-460-4039
> aim: matthewbhuff        | Fax:   914-694-5669
>
>
> > -----Original Message-----
> > From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
> > Pavel Dimow
> > Sent: Friday, February 26, 2016 11:02 AM
> > To: cisco-nsp at puck.nether.net
> > Subject: Re: [c-nsp] Cisco pptp server
> >
> > Anyone? :)
> >
> > On Thu, Feb 25, 2016 at 11:32 PM, Pavel Dimow <paveldimow at gmail.com>
> > wrote:
> >
> > > Hi,
> > >
> > > I have a very strange problem (well at least to me).
> > >
> > > I have a cisco 1921 which serves as PPTP server. On server I have two
> > > different ISP's connections, ISP1 and ISP2. I have a default route to
> > > ISP1 and default route to ISP2 with tracking and higher metric. I have
> > > configured local policy routing so I always send PPTP packets to the
> > > correct ISP.
> > >
> > > Now when I connect from client to PPTP server and in server address I
> > > enter the ip address of interface where ISP1 is terminated everything
> > > works. But when I connect from client to PPTP server and in server
> > > address I enter the ip address of interface where ISP2 is terminated
> > > the session is established but I can't do anything as I see only my
> > > outgoing traffic and no incoming traffic via PPTP tunnel. The funny
> > > part is that, when I enter the static route on PPTP server (the public
> > > ip address of PPTP client) everything works. Is this normal
> > > behaviour?
> > >
> > > If anyone can shed a light on this I would be very grateful ;)
> > >
> > >
> > >
> > >
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
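The uRPF explanation in the reply above can be modelled in a few lines. This is an added example, not part of the original thread or any participant's configuration. It assumes the policy route does not take effect for the tunnel's return traffic, so the ordinary routing table picks the exit. All addresses are constructed from RFC 5737 documentation ranges, and the function names are hypothetical.

```python
import ipaddress

# Constructed addressing (RFC 5737 documentation ranges), not from the thread.
ISP_ASSIGNED = {                      # prefix each ISP routes to this customer
    "ISP1": ipaddress.ip_network("192.0.2.0/30"),
    "ISP2": ipaddress.ip_network("198.51.100.0/30"),
}
ROUTER_ADDR = {                       # router's address on each uplink
    "ISP1": ipaddress.ip_address("192.0.2.2"),
    "ISP2": ipaddress.ip_address("198.51.100.2"),
}
CLIENT = ipaddress.ip_address("203.0.113.50")   # PPTP client's public address

# (prefix, metric, exit ISP): two defaults, ISP2 with the higher metric.
DEFAULTS = [
    (ipaddress.ip_network("0.0.0.0/0"), 1, "ISP1"),
    (ipaddress.ip_network("0.0.0.0/0"), 10, "ISP2"),
]
# The host route the original poster added by hand for the client.
STATIC_TO_CLIENT = (ipaddress.ip_network("203.0.113.50/32"), 1, "ISP2")


def egress(routes, dst):
    """Longest-prefix match first, then lowest metric; returns the exit ISP."""
    matches = [r for r in routes if dst in r[0]]
    return max(matches, key=lambda r: (r[0].prefixlen, -r[1]))[2]


def isp_accepts(isp, src):
    """Strict uRPF at the ISP edge: the source address must be one the ISP
    would route back out of the same customer-facing interface."""
    return src in ISP_ASSIGNED[isp]


def tunnel_reply(routes, dialed_isp):
    """Return (exit ISP, accepted?) for the router's reply to the client.
    The reply is sourced from the address the client dialed."""
    src = ROUTER_ADDR[dialed_isp]
    out = egress(routes, CLIENT)
    return out, isp_accepts(out, src)


if __name__ == "__main__":
    cases = [("ISP1", DEFAULTS), ("ISP2", DEFAULTS),
             ("ISP2", DEFAULTS + [STATIC_TO_CLIENT])]
    for dialed, routes in cases:
        out, ok = tunnel_reply(routes, dialed)
        print(f"dialed {dialed}: reply exits {out}, "
              f"{'forwarded' if ok else 'dropped by uRPF'}")
```

The third case matches the observation in the original post: a host route toward the client sends the reply out through ISP2, where its source address passes the check.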

