We tested this already pretty much in detail earlier and the answer is: no, pptp won't work at an OPT-WAN (unless you are coming directly from the OPT-WAN subnet with proper firewallrules). Looks like the PPTP server can't handle this situation correctly. Nothing that we can fix at our end.
Holger > -----Original Message----- > From: Heath Henderson [mailto:[EMAIL PROTECTED] > Sent: Wednesday, October 18, 2006 6:23 AM > To: discussion@pfsense.com > Subject: Re: [pfSense-discussion] PPTP VPN on OPT1/WAN2 > > > I am not certain I explained it correctly. > > The pfsense built in PPTP server answers correctly on the WAN > address. But > it doesn't answer at all on the WAN2 address, regardless of > rules in the FW > for that interface. I just wondered if it was a limitation > of that PPTP > server/setup. I am using a load balanced/failover setup and > just wanted to > make sure that was not an option if I have people asking me about it. > > Thanks > > > -- > Heath Henderson > [EMAIL PROTECTED] > 1800 288 7750 > -- > > > > From: DarkFoon <[EMAIL PROTECTED]> > > Reply-To: <discussion@pfsense.com> > > Date: Tue, 17 Oct 2006 20:19:31 -0700 > > To: <discussion@pfsense.com> > > Subject: Re: [pfSense-discussion] PPTP VPN on OPT1/WAN2 > > > > Seems to me that with PPTP (and other protocols) if the > source IP address of > > packets sent to the client differs from the IP the client > sends packets to, > > the PPTP software discards (as it should) the packets > because they could be > > coming from an untrusted third-party. > > > > ----- Original Message ----- > > From: "Heath Henderson" <[EMAIL PROTECTED]> > > To: <discussion@pfsense.com> > > Sent: Tuesday, October 17, 2006 7:51 PM > > Subject: [pfSense-discussion] PPTP VPN on OPT1/WAN2 > > > > > >> Does anyone know if there is a limitation to the PPTP VPN > connection to > > only > >> connect via WAN connection and not vai OPT1 or WAN2? > >> > >> I have a successful server running and can connect via WAN > but times out > >> whenever I try and hit the WAN2/OPT1 connection with the > same setup. I > >> checked all of my rules and they are identical. > >> > >> Thanks > >> > >> -- > >> Heath Henderson > >> [EMAIL PROTECTED] > >> 1800 288 7750 > >> -- > >> > >> > >> > > > > >
