No need for self-induced bodily harm... we've all been there. :-) The PPTP problem is one of those 'gotchas' when working with pfSense that we used to run into all the time. BUT, frankly we don't use PPTP anymore for many reasons and it hasn't been an issue for us. If you simply need to give road warriors access to your network, *PLEASE* check out OpenVPN as it is incredibly robust and infinitely more secure. It is a tad more difficult to setup but that's what the forum, list, and paid pfSense support are for! :-)
Tim Nelson Systems/Network Support Rockbochs Inc. (218)727-4332 x105 ----- "Christopher Iarocci" <ciaro...@tfop.net> wrote: > I'm embarrassed to write this, and I'm having trouble finding someone > to lend me a gun, but you were right. The PPTP server was enabled on > my side causing the problem. > > Christopher Iarocci > Network Solutions Manager > Twin Forks Office Products > 631-727-3354 > > > -----Original Message----- > From: Tim Nelson [mailto:tnel...@rockbochs.com] > Sent: Monday, January 12, 2009 9:56 AM > To: support@pfsense.com > Cc: support@pfsense.com > Subject: Re: [pfSense Support] Multi-WAN PPTP? > > Is the PPTP server enabled on the 'other' pfSense firewall where the > clients are connecting *FROM*? That may be your problem... see here: > http://www.pfsense.org/index.php?option=com_content&task=view&id=40&Itemid=43 > ' > Specifically this text: > > Limitations > * Because of limitations in pf NAT, when the PPTP Server is > enabled, PPTP clients cannot use the same public IP for outbound PPTP > connections. This means if you have only one public IP, and use the > PPTP Server, PPTP clients inside your network will not work. The work > around is to use a second public IP with Advanced Outbound NAT for > your internal clients. See also the PPTP limitation under NAT on this > page. > > Tim Nelson > Systems/Network Support > Rockbochs Inc. > (218)727-4332 x105 > > ----- "Christopher Iarocci" <ciaro...@tfop.net> wrote: > > > Tried putting an unused LAN IP in the server field, no difference > > whatsoever. It gives me the same exact errors on the client side > and > > in the > > PFSense logs. Anything else I can try? Just as an FYI, the clients > I > > am > > testing with are XP Pro and Vista Ultimate. Both are behind > another > > PFSense > > firewall. I only try a single machine at any one time. I can't > get > > my head > > wrapped around the fact that it used to work like a charm with the > > same > > exact config. I even went back into previously saved configs and > > compared > > them and there is no difference. It worked with this config as > > recently as > > 12/29/07 (last PPTP log entry). > > > > Christopher Iarocci > > Network Solutions Manager > > Twin Forks Office Products > > 631-727-3354 > > > > -----Original Message----- > > From: Chris Buechler [mailto:cbuech...@gmail.com] > > Sent: Friday, January 09, 2009 2:31 PM > > To: support@pfsense.com > > Subject: Re: [pfSense Support] Multi-WAN PPTP? > > > > On Fri, Jan 9, 2009 at 1:08 PM, Christopher Iarocci > > <ciaro...@tfop.net> > > wrote: > > > Chris, > > > > > > Does it matter which IP address on my LAN it is? Should it be > the > > LAN IP > > of > > > the PFSense box, or something other than that? > > > > > > > Just pick an unused IP on your LAN. > > > > > > > Does the radius server see requests coming from the IP address > > specified > > > there or the LAN IP? In the past with the WAN IP in that field, > > requests > > to > > > the radius server came from the LAN IP. > > > > > > > The IP of the interface closest to the RADIUS server, usually LAN. > > The > > server IP is just for PPTP client - server communication. > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > > For additional commands, e-mail: support-h...@pfsense.com > > > > Commercial support available - https://portal.pfsense.org > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > > For additional commands, e-mail: support-h...@pfsense.com > > > > Commercial support available - https://portal.pfsense.org > > --------------------------------------------------------------------- > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
