Netgate m1n1wall

Author Topic: Cant get pptp client to access internet from pfsense gateway  (Read 14589 times)

0 Members and 1 Guest are viewing this topic.

Offline mcdull

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Cant get pptp client to access internet from pfsense gateway
« on: October 17, 2011, 08:27:26 am »
I would like to let user to choose if they want to connect internet via pfsense or their own gateway.  It is however, seems impossible for me to config the pfsense 2.0 to allow client to access internet.

Client can connect to VPN server from WAN and able to ping LAN address.
But the client was not able to ping the internet e.g, 8.8.8.8
when I do a tracert and ping. It actually lost 99.5% of internet traffic.

Any help is appreciated. Thanks.

my current config:
LAN 192.168.100.101-199
No. PPTP users: 10
PPTP Server Address: 192.168.100.200
Remote address range: 192.168.10.2
PPTP DNS Server : 8.8.8.8 (or 192.168.100.1)

Firewall Rules:
ID   Proto   Source   Port   Destination   Port   Gateway   Queue   Schedule   Description   
          *    *    *    *    *    *    none         PPTP allow to LAN / WAN
Automatic outbound NAT rule generation: Enabled.


Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14998
  • Karma: +4/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #1 on: October 17, 2011, 11:12:10 am »
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline mcdull

  • Newbie
  • *
  • Posts: 2
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #2 on: October 18, 2011, 02:06:02 am »
Yes.. I am on amd64..
Is the same bug exist on the x86 version?
I guess I need to switch to 32bit in that case.

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14998
  • Karma: +4/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #3 on: October 18, 2011, 06:38:10 am »
That bug only affects amd64.

i386 works fine.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline Der-Tim

  • Newbie
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #4 on: November 17, 2011, 12:41:48 pm »
Will this be solved soon? I'm asking, as we're using pfSense in a productive environment with the need of working PPTP-VPN for some of our users (~25 users, not simultaneous that much).

Regards, Tim

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14998
  • Karma: +4/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #5 on: November 17, 2011, 12:42:57 pm »
You can use i386 and it works fine now.

The bug may not be fixed until 2.1
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline m4f1050

  • Full Member
  • ***
  • Posts: 106
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #6 on: January 13, 2012, 10:44:16 pm »
I have the same setup on i386 and what I do on the PC is not use the gateway of the VPN.   I do the same on iPad.   On my android phone I don't have this option and my phone can't connect to any internet address because its using the VPN as gateway.  Isn't there a NAT - Outbound rule to fix this?  It didn't automatically create it it when I created the VPN....waiting on a fix for android..

I have an OpenVN server running on Windows 7 and all I had to do was ICS (internet connection sharing) a.k.a. masquerade (in linux) the server's nic and share it's internet to the OpenVPN adapter and my OpenVPN clients when connecting to the OpenVPN server gets the web traffic redirected.

I would like to know how to do this on pfSense.  m0n0wall did this automatically when I tried it.

Offline rekd0514

  • Jr. Member
  • **
  • Posts: 34
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #7 on: January 15, 2012, 05:11:36 pm »
I have the same setup on i386 and what I do on the PC is not use the gateway of the VPN.   I do the same on iPad.   On my android phone I don't have this option and my phone can't connect to any internet address because its using the VPN as gateway.  Isn't there a NAT - Outbound rule to fix this?  It didn't automatically create it it when I created the VPN....waiting on a fix for android..

I have an OpenVN server running on Windows 7 and all I had to do was ICS (internet connection sharing) a.k.a. masquerade (in linux) the server's nic and share it's internet to the OpenVPN adapter and my OpenVPN clients when connecting to the OpenVPN server gets the web traffic redirected.

I would like to know how to do this on pfSense.  m0n0wall did this automatically when I tried it.

I ran into this exact problem on my Galaxy Nexus. I can't get internet access at all, but it connects fine.

Offline m4f1050

  • Full Member
  • ***
  • Posts: 106
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #8 on: January 20, 2012, 08:19:16 pm »
I ended up adding a rule under PPTP to allow any port, any source, any destination like I did on m******* and enabled the gateway on my PC/MAC/iPAD clients, can't have them both I guess...  It routes the internet traffic through my tunnel which is not what I really want to do but the only way I found it would work using Android..

Offline natapon

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #9 on: January 25, 2012, 07:50:05 am »
2.0.1-RELEASE (amd64)
built on Mon Dec 12 18:43:51 EST 2011
FreeBSD 8.1-RELEASE-p6

I assume i will have this bug too for PPTP. What about OpenVPN?
I want to create a VPN so that clients can route through my internet connection.

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14998
  • Karma: +4/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #10 on: January 25, 2012, 07:55:38 am »
OpenVPN works fine, this bug only affects PPTP.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline natapon

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #11 on: January 25, 2012, 08:00:50 am »
My friend has issues connecting to my OpenVPN server. I'm still not sure how to set up the OpenVPN server after reading the guides of which some seem outdated.

My settings at the moment

http://i.imgur.com/ALiEf.png

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14998
  • Karma: +4/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #12 on: January 25, 2012, 08:03:21 am »
Start a new thread, this thread is for a PPTP bug.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline KurianOfBorg

  • Full Member
  • ***
  • Posts: 228
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #13 on: May 06, 2012, 03:18:50 am »
I have the same problem. PPTP clients cannot access the internet. This is not even remotely suitable for production use unless there is an EXPERT performing the configuration who can diagnose and lookup every problem on the internet.

Offline KurianOfBorg

  • Full Member
  • ***
  • Posts: 228
  • Karma: +0/-0
    • View Profile
Re: Cant get pptp client to access internet from pfsense gateway
« Reply #14 on: May 06, 2012, 03:39:46 am »
I ended up adding a rule under PPTP to allow any port, any source, any destination like I did on m******* and enabled the gateway on my PC/MAC/iPAD clients, can't have them both I guess...  It routes the internet traffic through my tunnel which is not what I really want to do but the only way I found it would work using Android..

How exactly did you make it work using Android?