2.0 RC3 - Can PPP L2TP be used to create an L2TP tunnel?
i noticed in pfSense 2.0 (RC3) that my PPPoE interface is now a PPPoE tunnel assigned to my WAN NIC (Network Interface Card):
where the PPPOE0(xl0) - ianboyd@superuser.com network port is defined on the PPPs tab:
i thought this was interesting, and i wonder if it was finally possible to Have pfSense Connect and Route to a PPTP Server. It would be great if i could create a PPTP/L2TP tunnel (just like i have a PPPoE tunnel) that connects and knows to route traffic destined for the 10.0.0.0/16 out the PPP tunnel:
- Destination: 10.0.x.x/16
- Interface: L2TP(xl0)
e.g. route add 10.0.0.0 255.255.0.0 if OPT2
So is it possible?
i tried creating the PPP tunnel:
My thought processes for each of the settings were:
Link Type: PPTP
My first reaction was to use PPTP vpn protocol, because for a decade that's all Windows supported. Then i remembered that L2TP has been around in Windows and Windows Server for a long time and maybe i can use that "more standard" one. But then i remembered that our work firewalls are all configured for PPTP (1723 and GRE), so PPTP it is.
Link Interface(s): WAN
i know i said xl0 would be the interface that the tunnel is established on. But then i realized that the tunnel's traffic must be sent out an interface that can reach the internet. Strictly speaking my WAN network card is not connected to the internet - it only connects to the modem. The WAN interface (which is a PPPoE tunnel operating over xl0) is the actual internet interface.
If pfSense tried to establish an L2TP on xl0 the only device that would see the traffic is the modem. The traffic must go out the PPPoE tunnel, which means the WAN interface.
Description: VPN to Work
Pretty self-explanatory; any arbitrary text
- Username: ian
- Password: ••••••••••••••
That is my username and password combination that work's VPN server will check.
Local IP (wan): 10.0.4.5 / 16
Now is where my hope begins to fade. When i VPN to work from my Windows desktop i don't have to assign an IP address; the server automatically gives me one. Much the same way that the PPPoE tunnel doesn't need an IP. Maybe i can just leave it blank?:
Local IP (wan):
It took it, so i'll leave it blank instead
Gateway (wan): 216.8.132.226
This must be the address of the vpn server at work (i.e. IP address of work).
Now that i have the tunnel created, i can return to Interfaces and create a new interface out of this tunnel:
Except that when i save the changes the new OPT1 interface reverts to xl0 rather than my new PPP tunnel.
So i'm stuck.