Cannot connect to a remote PPTP VPN server from a computer behind a Netgate SG-3100 runing Pfsense
I recently bought a Netgate SG-3100 and replaced my previous router with it. After I did that, I cannot longer connect to a remote PPTP VPN server. I know PPTP is not secure but it is not my choice at the present moment. I just need to be able to connect to it or otherwise I might be forced to switch back to the previous router.
The configuration I have done in Pfsense is minimum, close to nothing. This is my first experience with Pfsense. The firewall section of it is untouched.
If I connect to an at&t mobile hotspot that I have and I try to connect to the remote VPN server, I have no problem. Just to make sure that the problem was brought by the Netgate router I swapped back to my old one and the VPN worked like a charm. I put back the Netgate since I hope this can somehow be resolved but I am about to pull some hair out of my head already. Any help is greatly appreciated.
No specific configuration should be required for an outbound PPTP client.
What error do you see trying to connect?
Is it possible to have another device trying to open the same connection?
Try disabling pf-scrub as suggested here:
Thank you for your reply. So far you have been the only.
I am away from home now where I have the Netgate SG-3100, so I won't disable the pf-scrub till late this afternoon when I am back. I will report back as soon as I do it.
I have tried to connect using another device as you suggest with the exact same result. I cannot tell you now the exact wording of the error but I will this afternoon if my attempt is not successful after I disable the scrub.
I agree with you that outbound PPTP VPN connection should not require anything special and that has me really wondering about this problem. As I said, I am able to connect if I use a wireless hotspot (from both computers that I have tried) and also no problem if I put back the old router in place.
Talk to you later. Thanks again.
Well we have seen pf-scrub cause problems for pptp previously so it's worth trying there.
Ultimately packet captures on WAN and LAN should show you what's happening.
Just came home. Got to get out very soon to take my daughter somewhere but I could not resist to try your tip. Unfortunately it did not work. I still get the very same message:
Can't connect to "remote PPTP".
A connection to the remote computer could not be established, so the port used for this connection was closed.
I could capture packets on LAN and WAN side but not sure I will be able to get much out of that info. I will give it try though tonight.
It will tell you at least:
If the packets are making it though the firewall.
What stage in the connection is failing.
If the other end is responding at all.