Netgate Discussion Forum

    Looking for either L2TP or PPTP passthrough support - $150 bounty

    • Juve

      I have many servers running L2TP/IPsec VPN servers (openswan+l2tpd). L2TP is another layer 2 tunneling protocol used to add authentication to IPsec-encrypted data. In fact, when using L2TP/IPsec for roadwarrior connections, IPsec encrypts the data using a PSK or a certificate over a tunneled session created with L2TP, which needs a username/login to be established. L2TP is encapsulated within UDP flows on port 1701.
      The only thing to be careful with is the MTU size: since it is UDP-encapsulated, you have to ensure that big packets won't be fragmented; this is a server-side configuration.
      It's better than PPTP in all ways...

      I really hope that pfSense will soon have an L2TP/IPsec VPN server ;-)

      • sullrich

        Please test the frickin pptp proxy package with the recent 1.2-BETA-1 or a recent snapshot.  It might work now.

        • rockbochs

          Just did a whole bunch of testing and the frickin pptp package does not work…  :'(

          Well, back to IPSEC testing...

          Creator of world class Linux/FreeBSD appliances, including the popular StrongBochs pfSense appliance.

          • nosborne

            This doesn't seem to work for me either.  Is there configuration required other than installing the package?

            I'm willing to donate more to the bounty if it helps remove the limitation of one concurrent outbound PPTP connection to the same VPN server.  Thanks!

            • sullrich

              Yes, you most likely need to pick the interface and click save in the GUI.

              • sullrich

                I also just fixed a bug.  Please try Frickin again.

                Thanks!

                • nosborne

                  I'm getting a couple of errors when I try this after selecting the LAN interface.  (I tried on both 1.2 BETA 1 and now under 1.2-BETA-1-TESTING-SNAPSHOT-06-06-2007) :

                  Jun 7 00:45:16 Frickin: Network error (Address already in use)
                  Jun 7 00:45:16 Frickin: Network error (Address already in use)
                  Jun 7 00:45:16 Frickin: Frickin v2.0, running as daemon with pid 2091
                  Jun 7 00:45:16 check_reload_status: reloading filter
                  Jun 7 00:45:17 php: : Frickin is installed but not started. Not installing redirect rules.

                  I also tried the reinstall all packages option (frickin is the only package installed) and I get this:
                  Jun 7 00:42:47 php: /pkg_mgr_install.php: XML error: syntax error at line 1
                  Jun 7 00:42:47 check_reload_status: reloading filter
                  Jun 7 00:42:50 php: /pkg_mgr_install.php: Beginning package installation for frickin.
                  Jun 7 00:42:13 dnsmasq[644]: reading /var/dhcpd/var/db/dhcpd.leases
                  Jun 7 00:42:52 Frickin: Frickin v2.0, running as daemon with pid 1531
                  Jun 7 00:42:52 Frickin: Network error (Address already in use)
                  Jun 7 00:42:52 Frickin: Network error (Address already in use)
                  Jun 7 00:42:55 check_reload_status: reloading filter
                  Jun 7 00:42:56 php: : Frickin is installed but not started. Not installing redirect rules.
                  Jun 7 00:42:56 php: : Frickin is installed but not started. Not installing redirect rules.

                  I'm running OpenVPN server and a PPTP server.  Would one of those be conflicting? 
                  Thanks for any help with this.

                  • sullrich

                    I removed that "is installed but not configured" message so you are still on the old version.

                    • nosborne

                      Sorry, do you mean the system version?  I got these errors running 1.2-BETA-1-TESTING-SNAPSHOT-06-06-2007
                      built on Wed Jun 6 21:37:28 EDT 2007.  However, I did restore my backup xml config from 1.2-BETA-1 after the upgrade to the newer snapshot.  Would the restore have caused the version problem?  Or did you mean that I need a newer version of the package?  If so, how do I get that other than reinstalling it through the package manager?

                      Thanks again.

                      • sullrich

                        Newer version of the package.  Uninstall the package and reinstall it.

                        • iorx

                          Hello!

                          I can add some "not working" information to this thread.

                          Everything works very well until someone else from the LAN does a PPTP connection. After another machine has connected and disconnected a PPTP session my machine can't connect to any PPTP server. Reboot of pfSense solves the problem and I can connect again.

                          I've experimented with PPTP for the last couple of days, and I can't get multiple client connections out through pfSense to work as it should.

                          I'm running:
                          .2-BETA-1-TESTING-SNAPSHOT-06-06-2007
                          built on Sun Jun 10 06:19:22 EDT 2007
                          +fricking 2.0-BETA2

                          States when it works:
                          ----------------
                          tcp  aaa.bbb.192.132:1723 <- 10.0.5.117:2810  ESTABLISHED:ESTABLISHED 
                          tcp 10.0.5.117:2810 -> xxx.yyy.143.48:57812 -> aaa.bbb.192.132:1723 ESTABLISHED:ESTABLISHED

                          gre  aaa.bbb.192.132 <- 10.0.5.117  MULTIPLE:MULTIPLE 
                          gre 10.0.5.117 -> xxx.yyy.143.48 -> aaa.bbb.192.132 MULTIPLE:MULTIPLE

                          aaa.bbb. MS PPTP server
                          xxx.yyy. and 10.0.5.117 MS PPTP client

                          When it doesn't work:
                          States look like the NAT is not complete on 1723 and GRE.
                          Firewall complains about incoming GRE which is not let in.
                          Windows PPTP client never finishes "Name Password...": Error: 619: The specified port is not connected.

                          What information can I supply you with to make this more clear?

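
An added diagnostic example, not part of any post in this thread and not pfSense or Frickin code: it parses state-table lines in the layout quoted in the post above and reports PPTP control sessions (TCP 1723) that have no matching GRE NAT state, plus servers reached by more than one LAN client. The sample lines are constructed with documentation addresses, and the parser assumes IPv4 endpoints.

```python
import re
from collections import defaultdict

# Outbound NAT state, in the layout quoted in the post:
#   proto  lan_src[:port] -> nat_src[:port] -> dst[:port]  STATE:STATE
NAT_STATE = re.compile(
    r"^(?P<proto>tcp|gre)\s+(?P<src>\S+)\s+->\s+(?P<nat>\S+)\s+->\s+(?P<dst>\S+)\s+\S+$"
)
PPTP_CONTROL_PORT = "1723"

def split_host(endpoint):
    """Split 'ip:port' (or a bare 'ip' for GRE) into (ip, port)."""
    host, _, port = endpoint.partition(":")
    return host, port

def audit_pptp_states(lines):
    """Return (control sessions lacking a GRE NAT state, servers shared by several clients)."""
    control, gre = set(), set()
    for line in lines:
        m = NAT_STATE.match(line.strip())
        if not m:
            continue  # inbound '<-' entries and unrelated lines are skipped
        client, _ = split_host(m["src"])
        server, port = split_host(m["dst"])
        if m["proto"] == "tcp" and port == PPTP_CONTROL_PORT:
            control.add((client, server))
        elif m["proto"] == "gre":
            gre.add((client, server))
    missing_gre = sorted(control - gre)
    by_server = defaultdict(set)
    for client, server in control:
        by_server[server].add(client)
    shared = {s: sorted(c) for s, c in by_server.items() if len(c) > 1}
    return missing_gre, shared

# Constructed sample: one client with complete state, a second with control only.
SAMPLE = """\
tcp  203.0.113.10:1723 <- 10.0.5.117:2810  ESTABLISHED:ESTABLISHED
tcp 10.0.5.117:2810 -> 198.51.100.48:57812 -> 203.0.113.10:1723 ESTABLISHED:ESTABLISHED
gre  203.0.113.10 <- 10.0.5.117  MULTIPLE:MULTIPLE
gre 10.0.5.117 -> 198.51.100.48 -> 203.0.113.10 MULTIPLE:MULTIPLE
tcp 10.0.5.118:3011 -> 198.51.100.48:61022 -> 203.0.113.10:1723 ESTABLISHED:ESTABLISHED
""".splitlines()

if __name__ == "__main__":
    missing, shared = audit_pptp_states(SAMPLE)
    for client, server in missing:
        print(f"no GRE NAT state for {client} -> {server}")
    for server, clients in shared.items():
        print(f"{server} has PPTP control sessions from: {', '.join(clients)}")
```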
                          • rockbochs

                            We just tested the new Frickin proxy with the newest snapshot, and it still does not appear to be functioning.  Has ANYONE gotten this to work yet?  My bounty still stands!  Thanks.

                            Creator of world class Linux/FreeBSD appliances, including the popular StrongBochs pfSense appliance.
