    Hey people. I blow wind about this all of the time. But I saw this post on the AT&T Wireless forum and wanted to get that info here. It's a more technical and definitive explination regarding NAT and VPN over Cingular data plans. This is from AT&Tws support and comes from the horses mouth.

    Remember the following:
    *Media Works ($20), Media Net ($25), and PDA Connect ($40) are all the same and use the WAP APN that has "NATP" (aka NAT)
    *Data Connect ($80) is the other one that uses the ISP APN and is NOT subject to "NATP" (ie, you get a real IP on the internet.)
    *ALL plans on both APN get EDGE speeds.

    Here's the URL if you have login access:
    Here's the scoop:
    On Cingular Orange we use NAPT (Network Address & Port Translation). This works with some VPN solutions (like IPSec over UDP) but not others (like IPSec ESP). On Cingular Blue (AT&T Wireless), we currently use NAT (no port translation) and all the standard VPN solutions seem to work well (IPSec ESP, IPSec over UDP, PPTP, Checkpoint VPN, GRE, etc.) except IPSec AH (authenticated headers).

    If you find a service doesn't working through NAPT or NAT then you can always add an APN that gives you a dynamic public IP address (Orange "isp.cingular" or Blue "internet"). Note that you should protect your laptop using a personal firewall product if you use a pulic IP solution.

    Note - I work on the technical side and don't have access to the tools needed to solve individual subscriber account problems.
    I'd like to add (since I'm sure it'll be asked) that I personally have Movian VPN (IPSec), Cisco VPN on a laptop via 'teathered' and 'bluetooth DUN", POP, IMAP, and others and have never had anything not work. I'm on the Media Works ($20) plan and it uses the WAP APN with NATP.

    Update 5-17-05:
    Here's a more technical and acurate explination of the issue. Bottom line is that the WAP access point doesn't pass GRE packets to support PPTP
