Do you have the necessary PPTP VPN specific firewall rule? When you go
to the GUI, you should see LAN, WAN and PPTP VPN rules - double check
your PPTP VPN rule. Also, you may want to verify the order of your
rules (if it makes any difference in your case) and finally reboot the
router as a last resort - this has on occasion made the difference for me.
The configuration you describe (Remote Desktop Client -> pptp vpn ->
Remote Desktop server) is something I am doing as well and I have no
problems with it. So I am guessing it must be a configuration issue.
Sandro Kehrlein wrote:
>Thanks for the fast answer, but I didn't help...
>Even allowing ALL on the Interface WLAN (*:* to *:*, all prots) doesn't help. Any ideas?
>Von: Kristian Shaw [mailto:monowall at wealdclose dot co dot uk]
>Gesendet: Montag, 2. Januar 2006 15:15
>An: Sandro Kehrlein; m0n0wall at lists dot m0n0 dot ch
>Betreff: Re: [m0n0wall] Problem with GRE-Protocoll (VPN over WLAN)
>Port 1723 is used to set-up the PPTP connect, but the actual traffic is carried over GRE (a
protocol type in its own right).
>You will also need to allow GRE from the WLAN interface.
>----- Original Message -----
>From: "Sandro Kehrlein" <sandro at kehrlein dot de>
>To: <m0n0wall at lists dot m0n0 dot ch>
>Sent: Monday, January 02, 2006 2:09 PM
>Subject: [m0n0wall] Problem with GRE-Protocoll (VPN over WLAN)
>first a small introduction: I use a 3rd NIC for WLAN, here I've
>connected a standart AP. I deny all traffic from WLAN to *; except
>TCP/UDP from * to m0n0wall:1723. So I am only allowed to login into VPN
>(PPTP) from WLAN. To connect to my network or the internet, I have to
>connect via VPN and that's all working very fine...
>But now I often connect to my office via VPN. So on my laptop are 3
>connections: Wireless Network, VPN Tunnel to m0n0wall, VPN Tunnel into
>my office. I can access to shares on my office-workstations, that's not
>the problem. But if I like to connect me via Remotedesktopconnection to
>my Office-Server, I'll get an error, that there are network problems.
>There is following entry in the logs: Deny - Interface PPTP - Laptop VPN
>IP - Office Server IP (the ISP IP, not the internal IP) - Protocol GRE.
>I allow everything from PPTP-Clienst to * - each protocol. Now I added
>a second rule, allowing especially GRE. It doesn't help...
>Anybody out there who can help me?
>Thanks a lot!
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch