Netgate SG-1000 microFirewall

Author Topic: Outbound PPTP not working on multi-wan setup.  (Read 1970 times)

0 Members and 1 Guest are viewing this topic.

Offline roccor

  • Full Member
  • ***
  • Posts: 111
  • Karma: +2/-0
    • View Profile
Outbound PPTP not working on multi-wan setup.
« on: June 05, 2016, 09:13:31 am »
Recently got a job at $newcompany.. they still use PPTP for vpn. Yes I know it's risks and soon I will work towards replacing it. But for now I need to access work from home. I have Googled but I have a special setup...
So I have the Dell Sonicwall Global VPN client installed, my pf setup is multi-wan which is making this even more difficult.
I found an old Reddit post that mentioned needing to NAT teh gre packets to the client. Now under NAT rules I cant pick the protocol so I created 4 firewall rules all sending inbound GRE traffic to this laptop's IP. Still cannot connect.
Any help would be appreciated.

Offline roccor

  • Full Member
  • ***
  • Posts: 111
  • Karma: +2/-0
    • View Profile
Re: Outbound PPTP not working on multi-wan setup.
« Reply #1 on: June 05, 2016, 10:01:11 am »
Ok I did not look well enough.  So I also created 3 NAT rules from * to * for GRE to my laptops IP.
Did not help.

Offline divsys

  • Hero Member
  • *****
  • Posts: 919
  • Karma: +91/-1
    • View Profile
Re: Outbound PPTP not working on multi-wan setup.
« Reply #2 on: June 05, 2016, 11:33:17 am »
What are you running for a router at home?
If it's pfSense or DD-WRT, OpenWRT, etc. it may be simpler just to setup an OpenVPN server at home and the work pfSense as an OpenVPN Site-Site client.

It will give you the connectivity you're looking for without forcing something that's really dead.

Just my $0.02.
-jfp

Offline roccor

  • Full Member
  • ***
  • Posts: 111
  • Karma: +2/-0
    • View Profile
Re: Outbound PPTP not working on multi-wan setup.
« Reply #3 on: June 05, 2016, 01:10:17 pm »
The pf box is here at home.. work uses Windows RRAS pptp vpn.  I cannot change that at this time.. i'd really prefer to figure out how to make it work for me from home without setting up something else at work just for me.  If I have to I guess I will but I'd rather not.

Offline roccor

  • Full Member
  • ***
  • Posts: 111
  • Karma: +2/-0
    • View Profile
Re: Outbound PPTP not working on multi-wan setup.
« Reply #4 on: June 06, 2016, 08:10:11 pm »
Bump.. anyone?  Official pF folks?

Offline cmb

  • Hero Member
  • *****
  • Posts: 11230
  • Karma: +893/-7
    • View Profile
    • Chris Buechler
Re: Outbound PPTP not working on multi-wan setup.
« Reply #5 on: June 06, 2016, 08:34:29 pm »
No need for any special NAT. Remove anything you added there as that isn't going to do anything useful.

Usually the issue with PPTP and multi-WAN is where you're load balancing and end up sending the TCP 1723 out via a diff WAN than the GRE. Both have to go out via the same WAN and public IP.

Offline roccor

  • Full Member
  • ***
  • Posts: 111
  • Karma: +2/-0
    • View Profile
Re: Outbound PPTP not working on multi-wan setup.
« Reply #6 on: June 07, 2016, 12:51:17 pm »
Hmm , makes sense. So how do I go about specifying one wan link for this traffic?

Online kpa

  • Hero Member
  • *****
  • Posts: 1188
  • Karma: +132/-6
    • View Profile
Re: Outbound PPTP not working on multi-wan setup.
« Reply #7 on: June 07, 2016, 02:55:48 pm »
Match the traffic on the LAN interface inbound with a rule and use the gateway selection option in the advanced rule options to select a specific gateway the traffic should use.

Offline roccor

  • Full Member
  • ***
  • Posts: 111
  • Karma: +2/-0
    • View Profile
Re: Outbound PPTP not working on multi-wan setup.
« Reply #8 on: June 09, 2016, 09:15:16 pm »
Ok I removed teh other NAT and Rules I made.  Added one to direct all GRE out over 1 specific WAN interface.

http://s33.postimg.org/artmos3en/pptp.png

http://s33.postimg.org/54ardyywv/pptp1.png