Outbound pptp vpn - bid for $
-
good to hear that, waiting for it eagerly
-
I am currently running 2.1, but would love to test this - I have a vpn provider that I am looking to use, but can not seem to get the openvpn to work on pfsense and route traffic.
I would think pptp would be a simple solution if this code was available. A patch for 2.1 would be very easy to test, and I could give you results very quickly if worked or not, etc.
-
Sorry it's been taking so long. my family and I have been quite ill the last few weeks and also work has been very busy.
I've successfully tested the pptp and l2tp client connections between two pfSense boxes and also between on pfSense box and a gentoo linux server. There is just a couple of small bugs I need to sort out with the client configuration web page (that I introduced) and I'll be able to post a patch for you.
Please stay tuned, I'm going as quickly as possible.
-
OK. Here it is. Sorry it took me so long.
First a brief overview:
1> This PPTP/L2TP client patch is for 2.0.1 ONLY!!!! if you choose to apply it to any other version you are likely to break your firewall.
2> I don't know what the effects of running updates on a patched firewall appliance will be. I would suggest DON'T DO IT! At the very least you are likely to have to re-install the patch.
3> pfSense uses the BSD mpd daemon to manage PPP connections (as both server and client). This patch simply exposes a great many more mpd configuration options and generates the required config file.
4> There WILL be bugs. I have not and cannot test all possible combinations. I have however successfully established both PPTP and L2TP connections, between my pfSense appliance at work and my Gentoo Linux server at home and also between two pfSense appliances set up on a test bench.
Installation:
First ensure you have ssh access to your firewall appliance. Remember your password.
Second, download the patched file from here:
https://www.dropbox.com/sh/g3n6muzq0wg7fsg/MP19u-Pbc0Unzip the package.
Open a terminal and navigate to the newly created directory.
On my Mac and my Gentoo boxes, I use the following command to copy the files to the active firewall appliance:
scp -r ./* root@<ip address="">:/
Windows users can try WinSCP to do this, but I can't help you with that. I presume the command will be very similar…..
Please test and post your results here. I can't promise speedy support, but I'll help where I can. In the meantime I'll continue trying to figure out the correct way to commit these changes to the main trunk.</ip>
-
mayb cmb or jimp can have a look at the code and try to merge it in
-
I'm easy. If they feel so inclined then I would greatly appreciate the help. I don't have a lot of time to dedicate to these sorts of projects. It's more of a "need to have" sort of thing…. ;)
-
bytheway, adding outbound pptp, would it also create an interface so we selectively route out it using firewall rules etc, similar to how we do for openvpn client?
-
Hi xbipin,
Well, yes. The mpd daemon creates a virtual device to act as the tunnel endpoint, just the same as pppd+xl2tpd/pptpd do under Linux. so you could certainly use pf to create routes/rules for the vpn tunnel. However, mpd also gives you the option to configure a route to the remote network when the tunnel is established, so, if you're like me and you own the networks at each end of the tunnel, it simplifies things a little. But you don't have to use that option if you don't want to.
-
Hi xbipin,
I'm interested to know, did the patch work for you?
-
i havent tried it as yet, will do so soon
