• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

2 way PPTP VPN

Scheduled Pinned Locked Moved 1.2.3-PRERELEASE-TESTING snapshots - RETIRED
9 Posts 4 Posters 5.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L Offline
    lblokland
    last edited by Aug 10, 2009, 5:07 PM

    Hi,

    maybe this is a double post, but I couldn't find a good answer so here comes the question..

    I've a 1.235 setup with 2 NIC's (LAN+WAN)

    I need to create a setup in which I am able to make VPN connections using PPTP to servers on the internet, and simultaniously make PPTP connetions from remote machines to a PPTP server on the LAN.
    Just tried to use manual port forwards, and also the option on the PPTP tab to select a private server…but all options fail.

    In one setup I can connect tot the inbound server, but am not able to make outbound connections, in the other setup I can create outbound connections, but cannot connect from the internet to my private server..

    Can anyone tell me if this is possible with pfsense, and if yes, point me in the right direction?

    Cheers,

    Leon

    1 Reply Last reply Reply Quote 0
    • B Offline
      Briantist
      last edited by Aug 10, 2009, 7:49 PM

      This is a known problem. Take a look at the frickin package. Personally I was never able to make frickin work. If you have more than one static WAN IP you can do what I did:

      WAN Interface is assigned: 1.2.3.77/29 (I have 5 static IPs)
      I used proxy arp to also listen on 1.2.3.78. I used AON to have my LAN using .78 as the NAT IP for connections. Incoming PPTP connections go to .77 so they don't conflict at all. You will still have a problem with this method if you need to make more than one outgoing PPTP connection (to different servers) so it may be best to see if you can get frickin working.

      1 Reply Last reply Reply Quote 0
      • C Offline
        cmb
        last edited by Aug 11, 2009, 5:36 AM

        There is info on the limitations and work arounds here:
        http://doc.pfsense.org/index.php/What_are_the_limitations_of_PPTP_in_pfSense%3F

        the Frickin package doesn't work, Fricken doesn't seem to work at all, no idea why.

        1 Reply Last reply Reply Quote 0
        • L Offline
          lblokland
          last edited by Aug 19, 2009, 7:18 PM

          Allright…I understand M0n0 and PFsense are not able (at the moment) to achieve this goal.
          But how about a combo of outgoing pptp connections (from LAN to WAN) and incoming L2TP connections (from WAN to server in LAN).

          Can anyone let me know if this is possible?

          And, to make things complete, is it (in addition) also possible to create simultaniously with the outgoing pptp and incoming l2tp some site-to-site l2tp connections?
          (so it's triple way vpn i guess)

          Thanks

          Leon

          1 Reply Last reply Reply Quote 0
          • R Offline
            rpsmith
            last edited by Aug 20, 2009, 1:49 AM Aug 20, 2009, 1:06 AM

            give m0n0wall 1.3b18 a try.  I think it will solve most if not all of your PPTP problems.

            rpsmith…

            1 Reply Last reply Reply Quote 0
            • C Offline
              cmb
              last edited by Aug 21, 2009, 2:44 AM

              @rpsmith:

              give m0n0wall 1.3b18 a try.  I think it will solve most if not all of your PPTP problems.

              No it won't, it's no different from previous versions. If Manuel gets the ipnat GRE changes in for 1.3b19 and they work, it will, but they aren't there yet.

              We hope to have similar NAT changes for PF in 2.0.

              1 Reply Last reply Reply Quote 0
              • R Offline
                rpsmith
                last edited by Aug 21, 2009, 2:58 AM

                I'm currently using m0n0wall and having no PPTP problems.  The only limitation that I'm aware of is multiple outgoing connections to the same IP.  what exactly are you having problems with?

                rpsmith…

                1 Reply Last reply Reply Quote 0
                • C Offline
                  cmb
                  last edited by Aug 21, 2009, 7:18 AM

                  @rpsmith:

                  I'm currently using m0n0wall and having no PPTP problems.  The only limitation that I'm aware of is multiple outgoing connections to the same IP.

                  That's what I thought this thread was referring to.

                  The second issue, not being able to connect outbound on the same public IP in use by a PPTP server, isn't an issue in ipnat/m0n0wall.

                  1 Reply Last reply Reply Quote 0
                  • L Offline
                    lblokland
                    last edited by Aug 22, 2009, 6:15 AM

                    Exactly. This topic is about the gre limitation. And ofcourse possible solutions.
                    As there is no solution right now, m setting up IPSec for my inbound client because won't be limited by gre.

                    Anyways I hope this gre issue is to be solved asap

                    cheers,
                    Leon

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                      This community forum collects and processes your personal information.
                      consent.not_received