Amer Networks E5Web GUI User Manual

protocol but the PPTP tunnel from the client terminates at the security gateway. When this traffic
is relayed between the security gateway and the Internet, it is no longer encapsulated by PPTP.

When an application, such as a web server, now receives requests from the client it appears as
though they are coming from the anonymizing service provider's external IP address and not the
client's IP. The application therefore sends its responses back to the security gateway which
relays the traffic back to the client through the PPTP tunnel. The original IP address of the client is
not revealed in traffic as it is relayed beyond the termination of the PPTP tunnel at the cOS Core.

Typically, all traffic passes through the same physical interface and that interface has a single
public IP address. Multiple interfaces could be used if multiple public IPv4 addresses are
available. There is clearly a small processing overhead involved with anonymizing traffic but this
need not be an issue if sufficient hardware resources are employed to perform the anonymizing.

This same technique can also be used with L2TP instead of PPTP connections. Both protocols are
discussed further in Section 9.5.4, “PPTP/L2TP Clients”.

Chapter 7: Address Translation

497