Chris Willis wrote:
> I have set up a FreeBSD box running PF for a client. It is the
> 'firewall' for their internal LAN.
>
> I cannot make an outbound VPN connection from their LAN to any other
> Microsoft PPTP VPN server.
>
> The VPN connections work fine from any machine that plugs in to the
> hub in FRONT of the firewall (static public IP), but that obviously
> isn't the solution.
>
> What changes need to be made to the ruleset to allow outbound PPTP
> connections? Here is the existing NAT rule I thought might work based
> on browsing the Archives:
>
> nat on fxp0 proto udp from 172.16.0.0/16 port = 500 to any -> 206.135.37.226 port 500
>
> But it didn't help at all. I put that rule both in front of, and
> behind, the regular NAT rule for outbound network traffic.

I hate to say it, Chris, but have you bothered to even find out what ports/protocols PPTP actually uses? Perhaps TCP 1723 and GRE?
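
The mismatch the reply points at, shown as a pf.conf fragment. This is an added illustration, not part of either poster's message: the posted rule translates only UDP 500 (IKE, used by IPsec), while PPTP uses a TCP 1723 control channel and a GRE (IP protocol 47) tunnel. The interface and addresses come from the post; the macro names, the general NAT rule and the pass rules are assumptions about the rest of the ruleset.

```conf
# Macros (names are assumptions; values are from the post)
ext_if  = "fxp0"
lan_net = "172.16.0.0/16"
ext_ip  = "206.135.37.226"

# --- Translation ---
# Rule from the post: matches only UDP source port 500 (IKE).
# PPTP never sends this traffic, so the rule has no effect on it.
# nat on $ext_if proto udp from $lan_net port = 500 to any -> $ext_ip port 500

# A NAT rule with no "proto" restriction translates every IP protocol,
# which covers both TCP 1723 and GRE.
nat on $ext_if from $lan_net to any -> $ext_ip

# --- Filtering ---
# PPTP control channel.
pass out on $ext_if inet proto tcp from any to any port 1723 keep state

# PPTP data channel. GRE has no ports, so PF keys the state on the
# address pair only; two LAN clients tunnelling to the same PPTP server
# at the same time share one translated address pair and cannot be told
# apart on the return path.
pass out on $ext_if inet proto gre from any to any keep state
```

Loading the ruleset and then running `pfctl -ss` while a client connects shows whether both a tcp state to port 1723 and a gre state are created; a missing gre state means the tunnel traffic is being dropped by the filter rules rather than by NAT.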