Project

General

Profile

Bug #1151

Outgoing pptp Traffic-Flow stops after a while

Added by Christian Schwarz over 8 years ago. Updated about 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
PPTP
Target version:
Start date:
01/02/2011
Due date:
% Done:

0%

Estimated time:
Affected Version:
2.0
Affected Architecture:
i386

Description

After bringing up a pptp-connection to a remote network, traffic seems to be blocked after a while, but the tunnelstatus is still up.
I'm using pfsense 2.0 beta5 on my side and different fw on the other
In the Firewall-Log there are some entries with blocked gre traffic, initiated from the remote host.
So I created a rule, permitting inbound gre, but the problem continues, although the log file is fine.
I assume, that the state get lost or something like this, but my understanding of that is very little.

This error is alway occuring when connecting to a pptp-Server behind a Nat-Router.
I connected to another pptp-Server which was running directly on the remote-GW (dont know if NAT is used there, maybe not cause Server is listening on Wan-side)and the connection works well.
Very strange, but I only have this problem when using PFSense.
Any ideas, or suggestions where to start?

History

#1 Updated by Waldo Nell over 8 years ago

Please see this thread for additional information - I have the exact same issue: http://forum.pfsense.org/index.php/topic,30890.0.html

#2 Updated by Christian Schwarz over 8 years ago

Thank you for the link.
Workarround seems to work in my environment, cause I just have one client, needing the pptp connection.
So I can continue, using this wonderful beta.

Greetings from Germany

#3 Updated by Chris Baker over 8 years ago

2.0BETA5 Built on 1/7/11 still has this problem. My current work around is to do a constant ping to something on the remote network to keep the connection alive.

#4 Updated by Ermal Luçi over 8 years ago

  • Status changed from New to Feedback

Committed a fix just now.
Grab a snapshot from tomorrow and test.

#5 Updated by Chris Baker over 8 years ago

Just updated to the latest versions the morning of 1/19 and in the afternoon, both versions introduced system lockups so I was unable to test the vpn for stability

#6 Updated by Stefan Pinson over 8 years ago

I updated on 1/19 as well and my PPTP VPN stability issue seemed to be resolved. But, as Chris stated above, I am having system lockups since the update and have had to do a hard reset on the system twice in the last 24 hours. I have been running the 2.0 Beta for over a month and this is the first time I have ever had to do a hard reset.

#7 Updated by Jim Pingle over 8 years ago

The lockup issue is likely separate. The forum thread for that is here: http://forum.pfsense.org/index.php/topic,32458.html
Try the suggestions in the thread if you can.

#8 Updated by Christian Schwarz over 8 years ago

pptp also working here :)

#9 Updated by Ermal Luçi over 8 years ago

  • Status changed from Feedback to Resolved

#10 Updated by George M about 8 years ago

Is this bug fixed in the RC1 version?

#11 Updated by Chris Buechler about 8 years ago

yes. if it's marked as resolved, it's resolved.

#12 Updated by George M about 8 years ago

Hmm... I use the RC1 (i386) version and have this problem, that's the reason I asked. The pptp Traffic-Flow stops after a few minutes but when I - for example - send constant pings to a system on the remote network everything is okay.

#13 Updated by George M about 8 years ago

I think the problem is that I use a Bridge between LAN and OPT1. I have 3 interfaces

WAN
LAN
OPT1

The WAN-Interface has of course it's own subnet.

The LAN-Interface shares the subnet with the OPT1-Interfaces via a Bridge, so the OPT1-Interface has no IP-Address only the LAN-Interface.

It's not a problem to reach via PPTP systems on the LAN-Interface, the traffic flow never stops but for systems on the OPT1-Interfaces it's different, I have to create a constant traffic - for example I ping a system behind the OPT-Interface - or the traffic flow stops after a few minutes. I still can reach systems behind the LAN-Interface when the traffic flow to the OPT1 interface stops.

#14 Updated by Chris Buechler about 8 years ago

actually I was wrong, this wasn't fixed in the official RC1 release, it's been in snapshots since early March though.

#15 Updated by George M about 8 years ago

I use now the version '2.0-RC1 (i386) built on Thu May 5 18:22:32 EDT 2011' and it's still the same behavior, the traffic flow stops after a few minutes to the systems on the OPT1 interface. Looks like the bug is still there.

Also available in: Atom PDF