I'm not sure, based on your email, if the pfSense box is in front of the PPTP server or not. If it is, then go to the VPN menu, select PPTP, on the "Configuration" tab, select the "Redirect incoming PPTP connections to:" radio button and fill in the text box ("PPTP redirection") with the IP address of your internal PPTP server. Remove the rules you created too, btw :)
--Bill

On Nov 19, 2007 7:07 AM, Luciano Areal <[EMAIL PROTECTED]> wrote:
>
> Good morning, folks!
>
> Here in my company, we have this network scenario:
>
> Our network has one internal VPN server, based on a Windows 2003 Enterprise,
> using PPTP and GRE protocol. We have several workers who eventually need to
> connect in our network, to get some data and disconnect. Sometimes, they
> need to work in our network from home, airport, etc., just like in a
> "roadwarrior way". Following:
>
> -------------       ---------       ----------       -------------
> |PPTP SERVER| <---> |GATEWAY| <---> |INTERNET| <---> |ROADWARRIOR|
> -------------       ---------       ----------       -------------
> 192.168.0.0 /24     200.*.*.* /28 (ISP IP)            *.*.*.* (any IP)
>
> I did a basic installation of pfSense firewall solution on a machine here,
> and set up all needed ports for our basic NAT (webserver, e-mail, etc.).
> Here follows the part mentioned for PPTP:
>
> Firewall: NAT: Port Forward Options
>
> If   Proto  Ext. port range  NAT IP        Int. port range  Description
> WAN  TCP    1723             192.168.0.14  1723             Allow PPTP (TCP 1723)
> WAN  GRE                     192.168.0.14                   Allow GRE (Protocol 47)
>
> These rules were also inserted on Firewall: Rules (WAN section)
>
> Proto  Source       Port  Destination   Port  Gateway  Description
> TCP    WAN address  1723  192.168.0.14  1723  *        Allow PPTP (TCP 1723)
> GRE    WAN address  *     192.168.0.14  *     *        Allow GRE (Protocol 47)
>
> Then, I tried to connect from home to my server, putting its WAN IP on my
> VPN connection, but when I try to connect, nothing happens.
>
> Am I doing anything wrong here? Did I forget any point here? I tried to get
> some info on pfSense mail discussion archives, but didn't find anything
> similar to my problem. :-(
>
> Is there anything that I still need to do in order to free up traffic of
> PPTP and GRE protocols, from my box to the internal server? If anyone here
> has passed through this issue, please light up my path. ;-)
>
> Best regards,
>
> Luciano Pereira Areal
> Network Administrator
> E-mail: [EMAIL PROTECTED]
> Mobile #1: +55 21 8176-7376
> Mobile #2: +55 21 8169-3362
> Nextel ID: 55*8*64731
> Skype: luciano_areal
>
> Bizvox Voice Services
> Avenida Nilo Peçanha, 50 Grupo 1516 - Centro
> CEP: 20020-906
> Rio de Janeiro - RJ - Brasil
> Phone: +55 21 2212-1650
> Fax: +55 21 2212-1675
> Website: http://www.bizvox.com.br/