PPTP Connection Issues

cmb991

I had PPTP VPN setup in 1.2.3. I upgraded to 2.0 RC1. Now no user can connect. CMB recommended to remove <pptpd>to</pptpd> from the config. I did that and now I can connect internally (which doesn't help), but from an outside network, I can't connect. I have port 1723 open TCP and GRE open. I posted a picture of my firewall rules. Any ideas?

WAN.png_thumb
![VPN PPTP.png](/public/imported_attachments/1/VPN PPTP.png)
![VPN PPTP.png_thumb](/public/imported_attachments/1/VPN PPTP.png_thumb)
![PPTP VPN.png](/public/imported_attachments/1/PPTP VPN.png)
![PPTP VPN.png_thumb](/public/imported_attachments/1/PPTP VPN.png_thumb)
![NAT Port Forward.png](/public/imported_attachments/1/NAT Port Forward.png)
![NAT Port Forward.png_thumb](/public/imported_attachments/1/NAT Port Forward.png_thumb)

jimp

Are you trying to run the PPTP server on pfSense, or redirect it to something else inside your network?

You have firewall rules that aren't consistent, a port forward for 1723 (but not GRE) like you want to redirect, but you also have the PPTP server enabled.

The easiest way to clean it up would be one of the following:

If you want to run the PPTP server on pfSense

Delete the firewall rules on WAN, and the port forwards for 1723 and GRE - the rules are made automatically as needed when the server is enabled.

If you want to redirect:

Delete the firewall rules on WAN, and the port forwards for 1723 and GRE (what you have is not right)
Set the PPTP server to redirect, and enter the IP of your internal VPN server. Internal rules will be made automatically

jimp

You had sent me a PM but didn't answer the most important question: Are you wanting to redirect the PPTP traffic to an internal PPTP server, or are you trying to use the PPTP server on pfSense?

dspaan

First off: Thanks for this awesome firewall! We have been using 1.2.2 for 2 years and i recently upgraded to 2.0.

Version:
2.0-RC2 (i386)
built on Thu May 12 10:52:38 EDT 2011

I have two problems:

1.After updating it seems the firewall now uses multi gateway failover for some reason? We have two gateways, the first is for normal internet traffic like browsing, sending e-mails, etc. The 2nd gateway is for VoIP only and has a much higher bandwith the the first (default) gateway. Since we are a callcenter we have a lot of VoIP traffic. We noticed that when we restart the modem attached to the 2nd VoIP gateway it starts routing the traffic over the default gateway. Result is that every employee we have cannot work anymore because the default gateway is not meant to handle all the VoIP traffic and gets congested. Is it related to this issue: http://redmine.pfsense.org/issues/1520
Because if so i would love to see an option to turn that feature off!

2.Just like the creator of this topic our PPTP VPN has stopped working. I want to use the PPTP server on pfSense. The only thing i want to do is connect to the office when i'm at home woring on my windows computer. I checked the Advanced section and scrubbing is off and in the rules section i had a PPTP rule for WAN and WAN2. I deleted those and turned off the PPTP server and then turned it back on (so it could re-create rules) but no luck…. Help would be appreciated!

edit: VPN seems to work now. I think it was because i was testing from within the office. I was using WAN2 as default gateway and figured i could make a VPN via WAN gateway but i guess not. Also the disableing and deleting the rules must have worked because before that it didn't work from home. Hope some can reply to my first question. Thanks in advance.

[PPTP log1.txt](/public/imported_attachments/1/PPTP log1.txt)