I'm not sure, based on your email, if the pfSense box is in front of
the PPTP server or not. If t is, then go to the VPN menu, select
PPTP, on "Configuration" tab, select "Redirect incoming PPTP
connections to:" radio button and fill in the text box ("PPTP
redirection") with the IP address of your internal PPTP server.
Remove the rules you created too, btw :)
--Bill
On Nov 19, 2007 7:07 AM, Luciano Areal <[EMAIL PROTECTED]> wrote:
>
> Good morning, folks!
>
> Here in my company, we have this network scenario:
>
> Our network has one internal VPN server, based on a Windows 2003 Enterprise,
> using PPTP and GRE protocol. We have several workers who eventually need to
> connect in our network, to get some data and disconnect. Sometimes, they
> need to work in our network from home, airport, etc., just like in a
> "roadwarrior way". Following:
>
> ------------- --------- ---------- -------------
> |PPTP SERVER| <---> |GATEWAY| <---> |INTERNET| <---> |ROADWARRIOR|
> ------------- --------- ---------- -------------
> 192.168.0.0 /24 200.*.*.* /28 (ISP IP) *.*.*.* (any IP)
>
> I did a basic installation of pfSense firewall solution on a machine here,
> and set up all needed ports for our basic NAT (webserver, e-mail, etc.).
> Here follows the part mentioned for PPTP:
>
> Firewall: NAT: Port Forward Options
>
> If Proto Ext. port range NAT IP Int. port range
> Description
> WAN TCP 1723 192.168.0.14 1723
> Allow PPTP (TCP 1723)
> WAN GRE 192.168.0.14
> Allow GRE (Protocol 47)
>
> These rules were also inserted on Firewall: Rules (WAN section)
>
> Proto Source Port Destination Port Gateway
> Description
> TCP WAN address 1723 192.168.0.14 1723 *
> Allow PPTP (TCP 1723)
> GRE WAN address * 192.168.0.14 * *
> Allow GRE (Protocol 47)
>
> Then, I tried to connect from home to my server, putting its WAN IP on my
> VPN connection, but when I try to connect, nothing happens.
>
> Am I doing anything wrong here? Did I forget any point here? I tried to get
> some info on pfSense mail discussion archives, but didn't find anything
> similar to my problem. :-(
>
> Is there anything that I still need to do in order to free up traffic of
> PPTP and GRE protocols, from my box to the internal server? If anyone here
> have passed through this issue, please light up my path. ;-)
>
> Best regards,
>
> Luciano Pereira Areal
> Network Administrator
> E-mail: [EMAIL PROTECTED]
> Mobile #1: +55 21 8176-7376
> Mobile #2: +55 21 8169-3362
> Nextel ID: 55*8*64731
> Skype: luciano_areal
>
> Bizvox Voice Services
> Avenida Nilo PeƧanha, 50 Grupo 1516 - Centro
> CEP: 20020-906
> Rio de Janeiro - RJ - Brasil
> Phone: +55 21 2212-1650
> Fax: +55 21 2212-1675
> Website: http://www.bizvox.com.br/
>
>
>
>
> _____
>
> avast! Antivirus <http://www.avast.com> : Outbound message clean.
>
>
> Virus Database (VPS): 071119-0, 19/11/2007
> Tested on: 19/11/2007 10:07:26
> avast! - copyright (c) 1988-2007 ALWIL Software.
>
>
>
>
