[ previous ] [ next ] [ threads ]
 From:  Lonnie Abelbeck <abelbeck at abelbeck dot com>
 To:  m0n0wall List <m0n0wall at lists dot m0n0 dot ch>, Michael Brown <knightmb at knightmb dot dyndns dot org>
 Subject:  Re: [m0n0wall] m0n0walls built-in PPTP vs. Any other server PPTP
 Date:  Sun, 24 Sep 2006 19:30:59 -0500

Your unique problem was you had an existing PPTP server, and NAT  
remembered that.

If you were starting from scratch, turning on PPTP would work without  
resetting NAT (or rebooting).

I'm glad I could help.


On Sep 24, 2006, at 7:10 PM, Michael Brown wrote:

>  Lonnie,
> 1) Check, all good to go.
> 2) Holy Crap, I just reboot the one at the office and it WORKED!!
> LOL, no idea you had to reboot when you turn on PPTP, but yay!  
> after months of messing with this it finally works.  Thanks for  
> solving this year long problem my friend!  Note to self, sometimes  
> you do have to reboot FreeBSD, hehe.
> Thanks,
> Michael
> Lonnie Abelbeck wrote:
>> Michael,
>> 1)  You didn't mention it, but I assume you added a "PPTP VPN"  
>> rule to allow PPTP traffic.
>> 2)  You might try doing a Diagnostics -> Reset state, (or  
>> rebooting) NAT has an issue with non-UDP/TCP (like GRE) traffic,  
>> so resetting things might fix it.  Your router at home might have  
>> the same NAT 'gre' memory problem.
>> Lonnie
>> On Sep 24, 2006, at 6:52 PM, Michael Brown wrote:
>>> Hi,
>>> I've seen this topic beat to death in older posts except I never  
>>> saw any answers to it. I'll ask again in hopes that someone has  
>>> found a solution or has ideas to assist me in my dilemma.
>>> I have a m0n0wall PC image version 1.22 at the office serves as  
>>> the Firewall/NAT/DHCP/etc and does an awesome job.  The office  
>>> also needs for employees on the road to be able to connect back  
>>> into the office network via PPTP to work with software, etc.  In  
>>> the past, we have used an old windows 2000 machine with the  
>>> default VPN and the firewall would just forward the port from the  
>>> WAN to the LAN and everything worked fine.  I've really wanted to  
>>> move away from this and let m0n0wall handle the VPN but for the  
>>> life of me can not even get it to work with one computer.
>>> I've read through the FAQ and all the posts I could find in the  
>>> mailing list, but I just don't know what I'm missing.
>>> To start, I turned on the m0n0wall PPTP, setup one test user and  
>>> the assigned the gateway and PPTP ranges away from anything else.  
>>> I use my computer at home to test out the connection. When I try  
>>> to connect, I always get the famous windows error "Error: 628"  
>>> when trying to connect.  If I set m0n0wall to forward back to the  
>>> internal VPN server, everything works fine, switch back over to  
>>> the m0n0wall VPN and it doesn't work? I don't know what else to  
>>> try. I've worked with many devices and PPTP setups and it's  
>>> really straight forward, I don't know what else I could be missing?
>>> Is there a way I can troubleshoot why forwarding a VPN on  
>>> m0n0wall works, but using m0n0wall's own VPN will not?  My home  
>>> setup has a m0n0wall firewall/NAT as well using another PC image  
>>> version 1.22   I'm certainly from what I read that you can PPTP  
>>> out of m0n0wall (my home) to another PPTP on another m0n0wall (at  
>>> the office) or have I missed something? All the office employees  
>>> use Windoze XP so I have an exact setup at home to duplicate this  
>>> without success. I just can't seem to get Windoze to connect to  
>>> m0n0wall's built in PPTP, they only seem to like the other  
>>> windows 2000 PPTP (go figure right?)
>>> Can anyone spare me some brilliant thoughts :-)
>>> Thanks,
>>> Michael
>>> -------------------------------------------------------------------- 
>>> -
>>> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>>> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch