Microsoft KB Archive/263925

= Inbound PPTP Traffic and Windows 2000 Network Address Translation =

Article ID: 263925

Article Last Modified on 3/1/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows 2000 Professional Edition

-



This article was previously published under Q263925



SUMMARY
Network Address Translation (NAT) in Windows 2000 has a built-in Point-to-Point Tunneling Protocol (PPTP) Editor that allows NAT clients to establish PPTP connections to external Virtual Private Network servers. An Editor is necessary because PPTP uses Generic Routing Encapsulation for tunneled data (IP protocol 47) as well as for the Transmission Control Protocol (TCP) port 1723. The Generic Routing Encapsulation packets do not have a TCP or User Datagram Protocol (UDP) header, which contains the port information that NAT translates.

NAT in Windows 2000 currently does not support incoming PPTP traffic from the external network(s) to an internal PPTP server behind the NAT server. Although you can create a special port mapping for TCP port 1723 to the PPTP server, there is no way to create a special port mapping for GRE traffic because it does not use TCP or UDP headers.



MORE INFORMATION
If external clients need to access a server located on the internal network behind NAT, they can establish a Virtual Private Network tunnel to the NAT server.

Keywords: kbinfo kbnat kbnetwork KB263925

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.