Cannot Connect PPTP VPN
-
Ok so it seems to be a state tracking problem ?
When you watch the logs during a connection attempt (tcpdump -i pflog0 -ttt -n) you can see GRE responses from the outside server being blocked by pf. -
No news neither a clue about this issue ?
-
Wait for a new image to get built, just committed the fix.
https://rcs.pfsense.org/projects/pfsense-tools/repos/mainline/commits/1c33e5128463d84dcedb71c9480a126dd8a6466e -
will try it asap.
Thanks Ermal. -
Same issue here.
Tried to use it with Win2k8 TMG.
TMG's gateway is pfSense LAN IP (this is important! without this forwarding doesn't work)
Seems it even don't try to connect, just refusing connection with CLOSED:SYN_SENT.
Just ignoring firewall rules… or I have missed something in pfSense firewall?
Check screenshots attached.EDIT: sorry for information missed: tested on pfSense-2.0-BETA4-20101116-1840-i386.iso
EDIT: Thanks for fix for Ticket #989. Will try this as soon new snapshot will be available.
-
You do not need the gre allowance with latest snaphots.
Your problem is that you do not need to specify the gateway in firewall rules. -
Confirming that outgoing PPTP VPN now works w/o incoming GRE-rule - thanks :D
-
Confirming this too.
Thanks
-
Confirming that PPTP limitations are gone for good :)
Thanks!
ermal: just curious - will there be an OpenBSD pf patch in the future?
-
You can try yourself.
From my side i am done with OpenBSD folks doing politics. -
nice reply Ermal ;)
-
confirmed as well on 2.0-BETA4 (i386)
built on Wed Nov 24 19:45:12 EST 2010well done guys, thanks so much for this