PPTP VPN NAT on WAN or other external interface
I have PPTP server on 2.0-RC1 latest build. i have multiple internal and external interfaces.
I have following problems:
1. PPTP Client not receive gateway IP, MASK is 255.255.255.255
2. NAT is not working.
3. tcpdump show wrong checksum errors, for example received checksum is 12AC calculated checksum AC12
#1 Updated by Chris Buechler over 8 years ago
- Priority changed from High to Normal
probably not a legit bug there (item 1 is how PPTP works, item 2 is not true and looks like a config problem in your case, item 3 is probably a consequence of how you're capturing traffic). but will leave this here for now until it can be tested.
#3 Updated by Zeev Zalessky over 8 years ago
Just installed second server with same version but i386 and not amd64 and this problem not exists. so, need to check the problem with PPTP VPN client (Windows 7 32bit),PPTP server on pfSense 2.0 RC1 amd64 and multi-wan NAT. according to packet capture all packets that come from pptp to wan are with bad checksum. i'll add packet capture later.
#4 Updated by Shadow Hwang over 8 years ago
Yes,I also encountered the same problem.
My Test environment Attachment Page1.jpg
1. Wan2 Rules: Open WAN2 Port GRE and PPTP Service port.
2. 1:1 NAT mapping 1 public ip to PPTP server ip(192.168.1.200)
3. Lan and Lan2 Rules: proto(any),source/port(any),destination/port(any),gateway(default)
A. 1.2.3 release: Ok!!, User vpn to pptp server is OK and More networks at the same time possible.
B. 2.0 RC1: Error, User vpn to pptp server is ok but when use till 30 to 180 seconds after the Internet will not and can not ping to the pptp server and Lan2 gateway. If the Test User move Lan2, it can connet the normal Internet.
#11 Updated by Jim Pingle about 8 years ago
I have setup multiple PPTP servers on i386 within the last week, and it worked fine, including NAT out to the Internet.
On amd64 however I can confirm that the checksums are bad, they appear to be byte swapped.
Header checksum: 0x6181 [incorrect, should be 0x8161]