Reply to PPTP originated traffic exiting via default gateway



  • Hi all,

    I have a problem with routing, as described in the subject.

    pfSense 2.3.2-RELEASE-p1 (nanobsd) running on the ALIX platform with 3 LANs. One is the uplink to the ISP with a DHCP client, the second is one customer, and the third is a second customer, who is not part of our problem. The first customer needs more public IPs than his ISP can allocate to him, so he negotiated a /28 network from another company, to which we "call" using PPTP. MPD5 can connect there with patch [1] applied; however, I am not able to force pfSense to take the gateway associated with this link into account. When I have traffic incoming via the tunnel for the firewall itself (PPTP endpoint), to addresses from the allocated /28 subnet mentioned above, or originating from the firewall, for example a ping from the tunnel endpoint address, everything goes out via vr0, where the default gateway resides. I tried doing nothing, only allowing all traffic in the firewall rules, setting the gateway to the other PPTP endpoint for the given traffic on the PPTP interface, and doing the same but as a floating rule first in the list, and I am running out of ideas now. Do you have any input on where to look for the error or what to try next?

    May be of some interest:

    • The remote PPTP endpoint and gateway for this tunnel has address 10.0.0.1 and the WAN (on vr0) has 10.27.67.168 with 137 being the default gateway, but it is a /29 network
    • I am constantly getting an alias 0.0.0.0 created on the vr0 interface, which is our endpoint setting before the IP is negotiated
    • I have a somewhat wrong select for the netmask in interfaces_ppps_edit.php, where the /31 value appears twice and /32 cannot be selected (see the attached screenshot), but in interfaces.php it is fine.

    [1] https://redmine.pfsense.org/issues/6732