PPTP changes?



  • A few months ago, when I was last in Europe, I set up a PPTP tunnel, so I can watch Netflix movies while being here. Needless to say, once back in the US, I had no need for that tunnel, and hence made no changes in the config relating to it.

    Now I'm back in Europe, the tunnel establishes just fine, but while traffic is sent out the tunnel, no traffic comes back. In other words, the tunnel goes up, shows as being up, and that's where it ends.

    (Security is obviously not an issue, but ease of availability, I can set up a PPTP link on my iPad, iPhone and laptop, which is why I chose the protocol. In the end, it only matters that traffic seems to be US originated, because of Netflix silly geo-IP check.)

    So since I didn't change anything, and since the tunnel goes up as before, were there any changes that could result in the behavior observed? Anyone actually using/testing PPTP? Anyone who's simultaneously has an IPSec link up? An IPv6 tunnelbroker tunnel? None of these things are new, here, though. For the most part (except for playing with limiters) the configuration has remained unchanged for months, only upgrading to more recent snapshots has happened regularly.



  • Were you using IPAD before?



  • @kejianshi:

    Were you using IPAD before?

    I was using iPad, iPhone and my MacBook Air. All of them used to work, none of them work now.



  • Very odd - Mine works.

    GRE is a bit picky.  Easily broken by 4 situations for sure:

    1.  Someone on your distant network that you are on running a PPTP server.

    2.  PPTP pass through being set up badly at distant end or server end.

    3.  Someone at distant end also using your PPTP server (other than yourself) on same network as you.

    And of course…

    4.  Someone screwing with your VPN on purpose to block it.

    If I were you, I would SSH into your box and configure a Openvpn server or an IPsec server and use that.
    Preferably Openvpn.



  • I'd suspect something on the pfSense side of things, because even if I establish the tunnel over 3G from the iPhone (which also used to work), I have the same problems, and at that point I completely bypass the WLAN here in Europe. My European carrier even allows the 3G connection to have an exposed, public IP address, which I have enabled, so the usual NAT-related issues that could crop up on 3G data connections shouldn't apply, either.

    I'll continue to dig around whenever I have spare time that I otherwise would use to watch movies on Netflix ;)



  • Well - If you had a stable version of pfsense and you didn't upgrade and you didn't change anything, nothing would just change its self.
    Thats why I'm wondering what else may have changed.


Log in to reply