News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  VPN
linktree Topic: XP PPTP - Connects but can't ping LAN hosts
Pages: [1]
Topic: XP PPTP - Connects but can't ping LAN hosts  (Read 4144 times)
« on: January 02, 2008, 23:58:19 »
tharant *
Posts: 5
This is my current config...

m0n0 lan ip: 192.168.1.1

PPTP CONFIG
server address: 192.168.1.253
remote address range: 192.168.1.16
require 128: true

FIREWALL RULE
action: pass
interface: pptp
protocol: any
source: any
destination: any

Configured like this the remote PPTP client will connect but I cannot ping/access any hosts on the LAN. So I changed the server address and remote address range to 192.168.2.254 and 192.168.2.16 which allowed me to ping 192.168.1.1 but I still couldn't ping any other LAN hosts.

Any ideas what I'm doing wrong?

thanks in advance!

-tharant
« Reply #1 on: January 03, 2008, 02:12:08 »
ChainSaw
Guest
I never use 192.168.1.x for the m0n0wall LAN subnet as that is the default for many router/firewall and will cause problems when you try to VPN from other locations that also us 192.168.1.x.

Try this:

m0n0wall LAN interface: 192.168.55.1
PPTP server address:     192.168.55.63
PPTP Remote address:   192.168.55.64

CS...
« Reply #2 on: January 03, 2008, 16:42:55 »
tharant *
Posts: 5
Thanks for the quick reply. Unfortunately, I really need to keep the m0n0wall LAN on the 192.168.1.x subnet. This m0n0 box is in headquarters and I've already got seven other sites configured and  connected via IPSEC and they all work great.

The subnet shouldn't be a problem however as the remote XP box that I'm trying to connect from is on a different subnet (192.168.50.x).  It is not at one of the IPSEC remote sites, but it is on a LAN that I control. 

So, shy of renumbering my entire multi-site network, what can I do to get PPTP working correctly?

-tharant
« Reply #3 on: January 03, 2008, 20:13:56 »
ChainSaw
Guest
Do you have the same problem from multiple PPTP clients at different locations or is this the only location that is a problem?

CS...
« Reply #4 on: January 03, 2008, 21:05:19 »
mwiget *
Posts: 38
not 100% sure this is the solution to your problem, but I use 'PPTP Clients' as source in PPTP VPN Firewall rule and that does the trick for me.

FIREWALL RULE
action: pass
interface: pptp
protocol: any
source: PPTP Clients
destination: any
« Reply #5 on: January 03, 2008, 21:30:24 »
tharant *
Posts: 5
Quote from: ChainSaw on January 03, 2008, 20:13:56
Do you have the same problem from multiple PPTP clients at different locations or is this the only location that is a problem?

CS...

This is the only PPTP client that I've got. The other sites are all IPSEC and they all work fine.

-tharant
« Reply #6 on: January 03, 2008, 21:36:06 »
tharant *
Posts: 5
mwiget,
  thanks, i'll give that a try shortly and post the results.

-tharant
« Reply #7 on: January 03, 2008, 21:46:03 »
ChainSaw
Guest
can the remote site in question PPTP to other PPTP servers? is it just your m0n0wall PPTP server that has the problem?
« Reply #8 on: January 03, 2008, 22:19:10 »
tharant *
Posts: 5
I found the problem. The PPTP client machine had the Service Pack 3 beta for XP installed. Once I removed SP3 the PPTP connection started working correctly.

Thanks for the help guys!

-tharant
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines