News
:
This forum is now permanently frozen.
m0n0wall Forum
>
m0n0wall Support (English)
>
VPN
Topic: Firewall blocking PPTP VPN Requests
Pages: [
1
]
Topic: Firewall blocking PPTP VPN Requests (Read 3627 times)
Firewall blocking PPTP VPN Requests
« on: October 04, 2007, 16:57:43 »
fbristow
Posts: 4
Hi There,
I've been setting up an instance of m0n0wall 1.3bx and attempting to get VPN connectivity set up using PPTP. I have been trying with both linux and windows clients.
As I am testing m0n0wall as a replacement for our existing firewall, I have m0n0wall sitting as a client behind our existing firewall.
m0no has an IP address on the 10.66.8.x network, and internal to m0n0 is a LAN (192.168.10.x) and a DMZ (10.66.80.x). I can connect to the VPN server from within both the DMZ and the LAN networks on m0n0, but I am unable to connect from the "external" 10.66.8.x network -- m0n0 reports in the firewall logs that it is blocking traffic from the IP address that I am trying to connect to it with. I have tried several combinations of firewall rules, including allowing * from * to * on the WAN page with no luck.
Perhaps I'm missing something painfully obvious, but I am completely uncertain as to why m0n0 would be blocking these connection attempts.
Any help that can be offered would be greatly appreciated!
Re: Firewall blocking PPTP VPN Requests
« Reply #1 on: October 12, 2007, 12:36:05 »
RE
Posts: 4
Since you have the m0n0wall's WAN connected to a private network (10.66.8.0), have you disabled the "Block private networks" option on the m0n0wall WAN Interface config page?
Re: Firewall blocking PPTP VPN Requests
« Reply #2 on: October 23, 2007, 16:26:08 »
fbristow
Posts: 4
Hi there,
Yes, I ensured that this option was disabled but it did not help
I'm about to have another go at configuring from the ground up, and putting the firewall on an externally visible address.
Re: Firewall blocking PPTP VPN Requests
« Reply #3 on: October 29, 2007, 15:49:17 »
fbristow
Posts: 4
We just put our firewall on an externally visible ip address and this appears to have fixed the problem -- I would assume that the problem we were having was as a result of using internal ip addresses on both the internal and external network in our testing. I don't know why disabling the 'block private networks' didn't work, but this is irrelevant for the current situation.
We're very pleased with this product so far, thanks!
Re: Firewall blocking PPTP VPN Requests
« Reply #4 on: November 02, 2007, 15:33:49 »
DJEMiVT
Posts: 16
If your WAN port is on a private LAN you need to make sure your ISP is forwarding GRE and port 1723 to you. If you are behind a NAT you cannot accept a direct connection to port 1723/tcp, and this is why it will not work regardless of your firewall rules.
Regards
Pages: [
1
]