Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PPTP ServerIP –> nat --> Lan IP

    NAT
    2
    3
    2.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dubya
      last edited by

      Does anyone know if it is possible to forward a port from the pptp server ip to an lan server?

      here is what I tried to do, but I cannot get a connection

      PPTP Client 192.168.200.10    client tries to access 192.168.200.254:88
                    |
                    |
      pfSense PPTP Server 192.168.200.254
                    |
                    |
      pfSense Lan Interface 192.168.1.252
                    |
                    |
      Internal Web Server 192.168.1.13 (listening on 88)

      The first rule below works from the wan, but the second is from when I tried to make a rule for the pptp clients. I notice the interface doesn't show (first column) and an ext: ip doesn't show up either.

      I tried setting that ext IP to 'any' without any luck, I also tried creating a 'vip other' with my pptp server ip, but vip's seems to only be for 'real' interfaces (wan and lan show up, but no pptp)

      If  Proto  Ext. port range  NAT IP  Int. port range                  Description 
      WAN TCP         88 (other) 192.168.1.13(ext.: 2x.xx.xxx.244)  88 (other)  
              TCP         88 (other) 192.168.1.13(ext.: )                    88 (other)

      I can make it work with regular pptp –> lan rules, but I dont want to have use the pptp server as a gateway, or bother with adding a static route on the client after each connection.

      I have also played with turning on NAT Reflection, in case it was relevant with no apparent difference.

      Thanks

      1 Reply Last reply Reply Quote 0
      • S
        ssheikh
        last edited by

        I don't follow your setup. Do you have two pfSense boxes (one as the PPTP server and other as a NAT/firewall device) daisy chained?

        What are you trying to accomplish with PPTP?

        1 Reply Last reply Reply Quote 0
        • D
          dubya
          last edited by

          No, just the one box, the two points on the ascii diagram were the two 'interfaces' of the 1 pfsense box.
          I have the vpn access to allow two computers to connect up remotely and talk to each other but not to my lan.
          the idea with the nat was to create access to a service on my lan without giving them full lan access, and without requiring them to use me as a default gateway.

          here is a screen shot of three rules. I used telnet in this example. The top rule works from my wan IP but then everyone could access it.
          The two rules below don't seem to work

          nat.PNG_thumb
          nat.PNG

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.