PPTP/L2TP on interfaces
-
Loke, are you sure? Do you see a checkbox "Enable DHCP+L2TP or DHCP+PPTP."?
Besides, the ability to enter the ISP's hostname instead of the IP is a big deal.You don't need a checkbox "Enable DHCP+L2TP or DHCP+PPTP." to really use this feature, but if you want it, you can uncomment few lines in intefaces.php
You just need to set your WAN interface as L2TP and that's all. If you want to see both interfaces (L2TP and DHCP) you just need to add OPT interface and set it up like DHCP.
It will look like this.
-
Hi Guyz im from israel using pfsense for few years now.
at the last month i started using pfsense in in my work for a router to my servers.
i connected using HOT and bezeqint in L2TP connection i did the instruction on that thread which created OPT1 Interface (L2TP) and WAN (what i recive from the modem) internet in working and default routing is configured to OPT1 but i have 1 problem that i cannot define Inbound NAT i have an exchange server on 192.168.230.1 and my LAN port is set to 192.168.230.5 in Nat : Port forwording like the picture.
and cant seems to open that port from outside computer i cant get to one of the opened ports
in the picture you see exchange (that an alias to 192.168.230.1) and mailServer it's and alias for (25,80,443,51)i hope someone can try helping me to solve it.
thanks
-
did u check the firewall rule?
-
did u check the firewall rule?
what should be on a firewall rule ?
the NAT automaticlly Create a Firewall rule -
well, then I guess it's fine (it should allow from any to Exchange on any port -TCP/UDP) on OPT1 interface.
what's with the LAN port? Do u mean the LAN interface? -
well, then I guess it's fine (it should allow from any to Exchange on any port -TCP/UDP) on OPT1 interface.
what's with the LAN port? Do u mean the LAN interface?Yea i mean lan interface
-
so how come you're accessing web gui through 230.7?
-
firewall rules SS
-
so how come you're accessing web gui through 230.7?
funny me :-)
iwas wrong im on 230.7 :-)230.5 is connected using the same MODEM but in dial up gets a different IP
because i want the exchange to use different external IP than the office computers
-
let me get this straight, u have 230.5 and 230.7 both on the same machine, just as different interfaces? same subnet? are they bridged? i'm not sure u can do that.
-
let me get this straight, u have 230.5 and 230.7 both on the same machine, just as different interfaces? same subnet? are they bridged? i'm not sure u can do that.
it's irrelevent to the problem but ill try to explain what i did.
i have 2 machines 2 different machines.
i have 2 ISP users from the ISP (2 Public Ip's Perminent) and 1 Cable Modem so i put a hub after the modem and both pfsense (230.5, 230.7) Dials Differently and recive each own Ip.
230.5 will serve the offices while 230.7 will be for exchange use only. -
i see, nice thinking ;)
i'm asking because everything seems fine, so i'm looking for other things that could go wrong.
i only got 2 things on my mind:
1. is it actually possible to port forward several port via alias? i've never done that. maybe u should try just one port for now.
2. i hope u remembered to change the gateway on the exchange. -
the gateway for the exchange server is correclly something else a Fortigate router 230.2 which will go down in few days because we left the ADSL provider
im still keeping it like this because the pfsense wont deliver mails
-
omg you accually right ! i switched the gateway for the exchange server and it works !
why it is rellevent ? the exchange delivers information to the pfsense on the local network why it should use the gateway to trasnfer it ? -
because otherwise the exchange will send the reply to the fortigate router instead and it will never reach the original source on the internet. and it doesn't deliver the information to the pfsense - it tries to deliver to the outside.
-
great you helped me alot :-)
second thing that im considering is insted of using 2 ISP Users and 2 pfsense's my ISP can Give me virtualIP Pool i know how to configure it im the fortigate but how do i do it in pfsense over the L2TP dialup ? -
as far as I know you just configure it as virtual IPs.
http://doc.pfsense.org/index.php/What_are_Virtual_IP_Addresses%3F -
I've got very strange behavior: I've got L2TP over DHCP, sometimes "Connect/disconnect" button disappears after reboot. Now I've got snapshot built on 21 april. And the second strange behavior: after disappearing "Connect/disconnect" button MAC-address is always 00:00:….00 (on WAN(L2TP) page I've entered MAC-address). Any suggestions?
-
@roi: yes.
Here's how you do it:1. After installing pfSense connect by SSH or from the console choose 12) pfSense Developer Shell.
Type: playback gitsync. After it finishes installing all the needed packages type http://gitweb.pfsense.org/pfsense/gnhb-clone.git and answer yes to all questions or just press enter. Reboot.
After that you may also want to go to System->Firmware and add this link permanently (this section will be shown only after the first gitsync and reboot). This way it will sync after every upgrade.I did this way back when…
...should this still be in there now, or with RC3 etc. out, is this superfluous now?
What do/don't I get if I continue having this git-sync link in my settings? -
All I can tell you is that I upgraded from RC1 to RC3 with this link saved in the "firmware" section and I still have the PPTP/L2TP dialer.
