pfSense Support Subscription

Author Topic: Mikrotik PPTP  (Read 1068 times)

0 Members and 1 Guest are viewing this topic.

Offline mhimhdi

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Mikrotik PPTP
« on: January 06, 2017, 12:30:57 pm »
I use a Mikrotik PPTP Server for my clients.

PFsense firewall is between clients and Mikrotik. Firewall block GRE, so clients can not connect to Mikrotik PPTP Server. How can I open GRE in pfsense?

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9236
  • Karma: +1052/-308
    • View Profile
Re: Mikrotik PPTP
« Reply #1 on: January 06, 2017, 01:32:41 pm »
GRE is not blocked from the inside to the outside by default. If it is blocked it is because you blocked it.

https://doc.pfsense.org/index.php/PPTP_VPN

https://doc.pfsense.org/index.php/What_are_the_limitations_of_PPTP_in_pfSense
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline dotdash

  • Hero Member
  • *****
  • Posts: 1919
  • Karma: +99/-3
    • View Profile
Re: Mikrotik PPTP
« Reply #2 on: January 06, 2017, 05:28:26 pm »
I think he saying the PPTP server is behind the pfSense firewall. In that case, one needs to port forward PPTP and GRE to the Microtik.

Offline mhimhdi

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: Mikrotik PPTP
« Reply #3 on: January 07, 2017, 12:03:27 am »
I think he saying the PPTP server is behind the pfSense firewall. In that case, one needs to port forward PPTP and GRE to the Microtik.

Exactly. Can you help me?

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9236
  • Karma: +1052/-308
    • View Profile
Re: Mikrotik PPTP
« Reply #4 on: January 07, 2017, 12:54:20 am »
Looks like you need to port forward TCP:1723 and protocol 47 (GRE) to the MikroTik.


https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline mhimhdi

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: Mikrotik PPTP
« Reply #5 on: January 10, 2017, 10:14:30 am »
Looks like you need to port forward TCP:1723 and protocol 47 (GRE) to the MikroTik.


https://doc.pfsense.org/index.php/How_can_I_forward_ports_with_pfSense

Can you explain using picture?

Offline dotdash

  • Hero Member
  • *****
  • Posts: 1919
  • Karma: +99/-3
    • View Profile
Re: Mikrotik PPTP
« Reply #6 on: January 10, 2017, 10:26:22 am »
Here are the first two things I found googling pfsense port forward-


Offline mhimhdi

  • Newbie
  • *
  • Posts: 4
  • Karma: +0/-0
    • View Profile
Re: Mikrotik PPTP
« Reply #7 on: January 10, 2017, 12:48:02 pm »
I defined some rules in WAN interface. But still GRE is blocked by pfsense.

Whats if difference between "Rule" and "Port forward" in pfsense? In both of them we open ports.

Offline dotdash

  • Hero Member
  • *****
  • Posts: 1919
  • Karma: +99/-3
    • View Profile
Re: Mikrotik PPTP
« Reply #8 on: January 10, 2017, 01:06:35 pm »
I defined some rules in WAN interface. But still GRE is blocked by pfsense.

Whats if difference between "Rule" and "Port forward" in pfsense? In both of them we open ports.
The port-forward takes traffic hitting your WAN on a particular port, and sends it to an internal host. The port-forward will automatically create a rule to allow the traffic for you. If you just create the rule, the traffic will not be sent to the mikrotik- pfSense will get it.

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14466
  • Karma: +1339/-200
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Mikrotik PPTP
« Reply #9 on: January 15, 2017, 09:35:46 am »
"I use a Mikrotik PPTP Server for my clients. "

PPTP has been dead for years - it is NOT secure.. Its nice of people to help people shoot themselves ;)

Here billy here is the bullets, yes that is how you put them in.. Sure now put barrel in your mouth like its a corndog you want to take a big bite of - yeah like that.. Now slowly squeeze the trigger and all the pain will be gone shortly... heheheheh
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.3.4_p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)