control channel and a tunnel, the tunnel being built upon a modified form of
GRE.  They are taking the stance that simply establishing the control
channel qualifies as PPTP (seems mighty useless to me).  Anyone care to tell
me I'm correct here (or tell me I'm wrong and why)?  They're so adamant
about their stance that I feel I owe it to them to entertain the possibility
I might be wrong (shocking, how could that be ;-) ).  If anyone feels like
reading the RFC themselves you can find it at...

http://www.faqs.org/rfcs/rfc2637.html

Thanks,
Ben.

PS A little humor - one of the techs tried to claim that GRE is part of the
"IP protocol" (redundant, I know) and NetGear only supports TCP and UDP.
;-)  I suppose MAYBE they built their own network protocol to handle TCP and
UDP transports but that seems pretty unlikely. =))


On 3/6/08, ben usenetalias <ben.usenet.alias at gmail.com> wrote:
>
>  Thanks to everyone for the advice.  My resolution went in a completely
> different direction though.  Thanks to some advice from Adam M I learned
> that the MS VPN client is just a PPTP client and doesn't require ISA at
> all.  So I ditched the ISA box (I'm sure there's some cheering out there
> somewhere) and just enabled PPTP passthrough on my router.  My trusty 678
> now sits in bridged mode and my router does the PPPoE (no worries about it
> starting back up after power failure and such as with ISA).  With built in
> masquerading on the router and PPTP passthrough to a box behind it for VPN
> auth I'm set.  Much simpler than ISA and does everything I wanted it to.
>
> Again, thanks to everyone that offered options.
> Ben.
>

------=_Part_6982_15322244.1206397008688
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

<div>Another off topic question but I need&nbsp;a sanity check and the folk=
s on this list are generally well informed.&nbsp; I&#39;ve been going back =
and forth with NetGear about their supposed PPTP support.&nbsp; They claim =
support for PPTP but do not support GRE; the result is that a control chann=
el is established (I can see this with a packet trace on both sides of the =
router) but then all subsequent traffic is dropped (again verified by packe=
t trace).&nbsp; I&#39;ve gotten past the first tier support so I&#39;m deal=
ing with folks that have a little knowledge now but they are still presenti=
ng some pretty wacky ideas.&nbsp; I&#39;ll admit that this subject matter i=
sn&#39;t for the faint of heart but I&#39;ve been pointing them at RFCs tha=
t seem to pretty plainly state the need for GRE.&nbsp; From reading the RFC=
 it seems clear to me that PPTP consists of both a control channel and a tu=
nnel, the tunnel being built upon a modified form of GRE.&nbsp; They are ta=
king the stance that simply establishing the control channel qualifies as P=
PTP (seems mighty useless to me).&nbsp; Anyone care to tell me I&#39;m corr=
ect here (or tell me I&#39;m wrong and why)?&nbsp; They&#39;re so adamant a=
bout their stance that I feel I owe it to them to entertain the possibility=
 I might be wrong (shocking, how could that be ;-) ).&nbsp; If anyone feels=
 like reading the RFC themselves you can find it at...</div>

<div>&nbsp;</div>
<div><a href=3D"http://www.faqs.org/rfcs/rfc2637.html">http://www.faqs.org/=
rfcs/rfc2637.html</a></div>
<div>&nbsp;</div>
<div>Thanks,</div>
<div>Ben.</div>
<div>&nbsp;</div>
<div>PS A little humor - one of the techs tried to claim that GRE is part o=
f the &quot;IP protocol&quot; (redundant, I know) and NetGear only supports=
 TCP and UDP. ;-)&nbsp; I suppose MAYBE they built their own network protoc=
ol to handle TCP and UDP transports but that seems pretty unlikely. =3D))<b=
r>
<br>&nbsp;</div>
<div><span class=3D"gmail_quote">On 3/6/08, <b class=3D"gmail_sendername">b=
en usenetalias</b> &lt;<a href=3D"mailto:ben.usenet.alias at gmail.com">ben.us=
enet.alias at gmail.com</a>&gt; wrote:</span>
<blockquote class=3D"gmail_quote" style=3D"PADDING-LEFT: 1ex; MARGIN: 0px 0=
px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>
<div>Thanks to everyone for the advice.&nbsp; My resolution went in a compl=
etely different direction though.&nbsp; Thanks to some advice from Adam M I=
 learned that the MS VPN client is just a PPTP client and doesn&#39;t requi=
re ISA at all.&nbsp; So I ditched the ISA box (I&#39;m sure there&#39;s som=
e cheering out there somewhere) and just enabled PPTP passthrough on my rou=
ter.&nbsp; My trusty 678 now sits in bridged mode and my router does the PP=
PoE (no worries about it starting back up after power failure and such as w=
ith ISA).&nbsp; With built in masquerading on the router and PPTP passthrou=
gh to a box behind it for VPN auth I&#39;m set.&nbsp; Much simpler than ISA=
 and does everything I wanted it to.</div>

<div>&nbsp;</div>
<div>Again, thanks to everyone that offered options.</div>
<div>Ben.</div></div></blockquote></div><br>

------=_Part_6982_15322244.1206397008688--