Re: [pfSense Support] Creating a PPTP connection from behind pfsense

Thu, 09 Mar 2006 07:44:42 -0800

I have had this exact same issue for some time and have never been able to find the solution. My situation is the same.
Office pfSense with PPTP enabled. Home pfSense without PPTP and I can connect from home to work without any issues. Once I enable PPTP @ home, I can no longer get from home to work using PPTP. Turning off PPTP @ home then allows me to connect from home to work again. 


Holger has tried this in his lab I believe and was not able to re-create 
it and I think maybe he did it outside of the lab too without being able 
to create the problem and thus it was closed.  While I am sorry to see 
you have the same issue, it is encouraging to know I am not crazy :-)


I am sorry I have no real info on a fix, I can only confirm this behavior.

Edward van Berkum wrote:

I have the following problem and can't figure out why it's going wrong, 
I have the latest 1.0Beta2 running.
 
I have setup a box, with pfsense, and everything works fine so I connect 
to my office pptp server to check my e-mail, till now no problem.
Sinse I now and then want to check my computer at home, I have enabled 
the pptp server within pfsense, after that I checked if it worked from 
my internal lan, and it did.
So I wanted to enable and make it available for my office so I can 
connect to my home.
So I created a nat rule from 1723 to 1723 on the ip adres of pfsense, 
and let it create a filter rule.
Now my problem ocurs, I can't create a PPTP connection to my office lan 
anymore, it keeps hanging on verifying username and password.
After I remove the nat and filter rules, disable the pptp server, reboot 
pfsense then I am able to make to connection again.
 
On monowall this worked veryfine, but sinse pfsense has more 
configuration options and a shell to customize several things like the 
timeout in PPTP..... and off-course many other features I wanted to use 
that.
 
Does anyone no a solution to this problem?
 
Here are my nat and filter rules from the config

NAT
- <rule>
  <protocol>tcp</protocol>
  <external-port>1723</external-port>
  <target>192.168.10.1</target>
  <local-port>1723</local-port>
  <interface>wan</interface>
  <descr>pptp</descr>
  </rule>
Filter
<rule>
  <interface>wan</interface>
  <protocol>tcp</protocol>
- <source>
  <any />
  </source>
- <destination>
  <address>192.168.10.1</address>
  <port>1723</port>
  </destination>
  <descr>NAT pptp</descr>
  </rule>

 
Regards Edward van Berkum



---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to