Hello, First: thanks for OpenBSD 6.2, another great release ... and oooh, boy, upgrading is such a joy! Its awesome cause its painless and is done faster than even booting most full blown operating systems.
Second, my problem: We have 2 roadwarriors doing projects for another company, and they should connect to their Microsoft based VPN Service. However, we are experiencing a weird problem that only one of them can connect at the same time. Its no problem with their service, using mobile phone tethering both can connect simultaneously. I have tried both with net.inet.gre.allow and net.inet.gre.wccp enabled and disabled, but it does not work. The rule is basically: pass out quick on $if_int proto {tcp udp gre} from any to $customer_ip nat-to $ext_ip which of course also allows Port 1723. I have no idea about the configuration on their server, and found various discussions e.g. "multiple pptp pass-through on pf" from 2007 and others about 10 years back. Whats the current state of this? Do I really need a proxy like poptop? thanks in advance, infoomatic