[ previous ] [ next ] [ threads ]
 
 From:  Jeff Buehler <jeff at buehlertech dot com>
 To:  Chris Taylor <chris at x dash bb dot org>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] PPTP with Windows XP on 1.21
 Date:  Thu, 09 Feb 2006 14:30:00 -0800
Hi Chris -

In this configuration we have three separate LANS connected via IPSEC 
VPN's as well as the PPTP connections from outside those.  We are using 
DHCP and DNS forwarding as well.  We are not using Traffic Shaping, 
Captive Portal, SNMP, or Syslog.

Your IPSEC works, but PPTP doesn't?  IPSEC is usually more a pain than 
PPTP to get working.

Hmmm.  Make certain that you aren't routing or NAT'ing the PPTP ports 
(GRE and TCP/IP on port 47 and port 1723 as I recall) to some other now 
unnecessary PPTP device (like a Windows Server) on the WAN, which might 
interfere with the PPTP.

I can't think of anything else right now - sorry!

Jeff

Chris Taylor wrote:

> Jeff,
>
> I'm not using 128-bit auth. That's a far-off dream at this point ;)
>
> There are no IP clashes. My DHCP runs from 192.168.0.200-249 and my 
> PPTP block has been 192.168.0.96/28, amongst other values (including 
> non-LAN subnet ones).
>
> There are no client firewalls (save the local m0n0wall).
>
> The PPTP firewall rule could not be simpler. It is literally Pass any 
> -> any for any protocol.
>
> User accounts have been checked and re-checked, plus assigned with 
> static IPs. No dice.
>
> Are you using IPSec or any of the other features I mentioned? Have you 
> had to do anything special for the PPTP connection in XP?
>
> Chris Taylor
>
> PS: Please keep replies on-list (Reply All).
>
> Jeff Buehler wrote:
>
>> I have no problems at all with PPTP under 1.21.  I have 3 different 
>> accounts, 1 of which assigns an  IP at connect.  Everything works 
>> properly.  All of the client machines in my case are using the 
>> standard Windows XP PPTP client, so I can't speak for other PPTP 
>> clients.  I am not using a radius server, and I don't require a 128 
>> bit connection.
>>
>> Make certain that the IP you have allocated for the PPTP server is 
>> not being used by another machine on the network - if you are using 
>> DHCP, you might want to allocate a range of something like 
>> 192.168.1.50 - 192.168.1.250 to leave the first 48 or so addresses 
>> available for PPTP and other needs.  So in this case the server 
>> address would be, perhaps, 192.168.1.1, and the PPTP server address 
>> might be 192.168.1.10 (arbitrary but below the DHCP range) and the 
>> range of PPTP IP's might be 192.168.1.16 - 192.168.1.32 (also 
>> arbitrary and below the DHCP range).
>>
>> If you still can't connect, make certain a firewall isn't interfering 
>> on the client side, make certain that the m0nm0wall PPTP firewall 
>> rules are opened as needed, and make certain that your user accounts 
>> are correct.  It should work fine.
>>
>> Jeff
>>
>> Chris Taylor wrote:
>>
>>> Hi all,
>>>
>>> First of all - PLEASE respond to this thread if you are currently 
>>> using m0n0 as a PPTP server; I would very much like to hear from 
>>> you! Please also mention what other features you use; I'm using 
>>> Traffic Shaping, Captive Portal, DNS Forwarder, SNMP, Syslog 
>>> support, DHCP Server and IPSec.
>>>
>>> I am totally unable to make PPTP work with 1.21. I had it 
>>> functioning on 1.20 but on 1.21, I get nothing. I've asked several 
>>> friends to try it, with no luck whatsoever.
>>>
>>> At my end, I'm behind a m0n0wall and would like to use PPTP to 
>>> connect to a remote 'wall. This does not work (this is the exact 
>>> setup that worked before). I'm also trying to enable m0n0's PPTP 
>>> server on my m0n0wall to allow others to connect - this does not 
>>> work either.
>>>
>>> I've followed the instructions in the FAQs, fiddled with all of the 
>>> Windows settings and the best I can get is Windows alternating 
>>> between errors 651, 678 (a friend gets this one intermittently) and 
>>> 800. I've tried using subnets for PPTP clients such that they 
>>> overlap with my LAN (no joy) and such that they overlap nothing 
>>> (again, no joy). I have an any -> any firewall rule for PPTP 
>>> clients. I've cleared NAT tables and rebooted machines (I have seen 
>>> references to both of these working). I've Googled and read from the 
>>> list over the past 2 years, and found hardly any useful information.
>>>
>>> I've tried setting it all up from scratch several times, either 
>>> following the FAQ or just randomly setting stuff. I'm at my wits' 
>>> end here tbh, I just cannot see why this isn't working!
>>>
>>> Please help...
>>>
>>> Chris Taylor
>>>
>>> PS: I also have a funny feeling that if I downgrade to 1.20, it 
>>> isn't going to work either. Has anything actually changed that would 
>>> affect PPTP between these versions?
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>>>
>>>
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>