PPTP connections



  • Hi All,

    I know there is a problem with PPTP not working correctly, meaning that if you enable the server you cannot PPTP out etc. In a topic I also saw a message that you guys know where the problem is, something to do with kernel or jail() things… that message was from a year ago so I was wondering if by now this problem has been fixed? Since PPTP is still one of the most used tunneling protocols out here it's a major problem if it doesn't work (at least it is for us :))

    If I decide to drop the PPTP server on pfSence and just do pass trough for both incoming and outgoing PPTP connections do these limitations still exist? I mean, if it just travels trough pfSense does it still have the limitation of one connection per server?

    A small questions off-topic; why do you have a limitation of 16 concurrent PPTP connections (I know it can be changed manually).

    Thanks for the answer!



  • Last I heard, the PPTP out to 1 server only issue is scheduled to be fixed in the 2.0 release.  Many of use are waiting on it :P



  • A way to see what has been going on with PPTP is to go to:
    http://cvstrac.pfsense.com/

    Then do a search for PPTP or whatever topic you are interested in. Here you will see code check ins and bug reports and replies.

    With my system I turned off the PPTP server and use OpenVPN its not to hard if you follow:

    OpenVPN road warrier and site to site
    http://www.pfsense.com/index.php?id=36

    Making OpenVPN key creation easier until we get a GUI
    http://forum.pfsense.org/index.php/topic,4807.0.html

    With PPTP off on my system I can remote into any other pre-existing PPTP systems from my network.

    I believe the 16 concurrent PPTP connections limit is a default inherited from m0n0wall.

    One more thing to note PPTP in PFSense is provided by MPD. Looks like there is a new major version that is currently Release Candidate 2  status perhaps that version will help for future versions of PFSense.
    http://mpd.sourceforge.net/



  • Hi,

    Thanks for the reply.
    Unfortunately we have a lot of "dumb" users, they can follow a simple 2 page tutorial on how to make a pptp connection but are to stupid to make an IPsec or SSLVPN connection. So thats the main reason we need to enable the server.

    I am willing to have someone on RentAcoder try and fix it and spend some resources on it, if so, will someone put it in the next release?

    Regards,

    Rense



  • In addition to RentAcoder You can also try a Bounty here on this forum at:
    http://forum.pfsense.org/index.php/board,34.0.html

    If the solution is clean, fixes the problems with PPTP, and doesn't cause any other problems then it is very likely the changes will be added to PFSense.


Log in to reply